Malware
QLNX: A Stealthy Linux RAT Built To Rob Developer Workstations And Seed The Next Supply Chain Attack
Trend Micro disclosed QLNX, a previously undocumented Linux RAT engineered to harvest developer and CI credentials so operators can trojanize npm, PyPI, Docker Hub, and Kubernetes pipelines downstream.
DEEP#DOOR: Python Backdoor Hides C2 Behind bore.pub Tunneling Service to Steal Cloud and Browser Credentials
Securonix details DEEP#DOOR, a Python backdoor that uses the public bore.pub TCP tunneling service for C2, disables Defender/SmartScreen via a batch loader, and harvests browser-stored cloud credentials from compromised hosts.