Backdoor
DAEMON Tools Supply Chain Compromise: Signed Installers Backdoored Since April 8, Chinese Actor Suspected
Trojanized DAEMON Tools Lite installers signed with the legitimate vendor certificate distributed a multi-protocol backdoor for nearly a month. Kaspersky telemetry shows infection attempts in 100+ countries, with a second-stage implant on government and scientific targets in Russia, Belarus, and Thailand.
DEEP#DOOR: Python Backdoor Hides C2 Behind bore.pub Tunneling Service to Steal Cloud and Browser Credentials
Securonix details DEEP#DOOR, a Python backdoor that uses the public bore.pub TCP tunneling service for C2, disables Defender/SmartScreen via a batch loader, and harvests browser-stored cloud credentials from compromised hosts.
Smart Slider 3 Pro Update Infrastructure Compromised — Backdoored Build Pushed to 800K+ WordPress Sites
Attackers compromised Nextend's update servers to distribute a weaponized Smart Slider 3 Pro build containing a multi-layered RAT with credential exfiltration and persistent backdoors.