New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

Akira Ransomware Exploits SonicWall VPNs in Likely Zero-Day Attack on Fully-Patched Devices

Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection

Attackers Use Fake OAuth Apps with Tycoon Kit to Breach Microsoft 365 Accounts

AI-Generated Malicious npm Package Drains Solana Funds from 1,500+ Before Takedown

Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year.
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said.
Pluggable Authentication Modules

Headline

New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft

The Hacker News: Latest News