Tag: backdoor
41 articles

modular macOS backdoor: Stunning Dangerous Threat Revealed
What if your Mac had been quietly harboring a stealthy backdoor for years? Researchers say ChillyHell—a modular macOS implant—evaded Apple’s protections for up to four years, showing how dormancy and clever design let attackers hide in plain sight.

crypto phishing Shocking Supply-Chain Nightmare
One phishing click that reset a maintainer’s 2FA let attackers slip backdoors into at least 18 popular npm packages — including debug and chalk — turning trusted libraries into supply-chain landmines. It’s a wake-up call: human error can ripple through the entire ecosystem, so stronger authentication, multi-person publishing, and tighter dependency hygiene can’t wait.

GhostRedirector: Exclusive Dangerous IIS Backdoor Revealed
Researchers uncovered GhostRedirector, a previously undocumented campaign that’s hit at least 65 Windows web servers in Brazil, Thailand and Vietnam by installing a C++ backdoor called Rungan plus a native IIS module to stealthily intercept or redirect traffic. If you run IIS, now’s the time to audit loaded modules, hunt for Rungan indicators, and lock down your servers before attackers turn your site into a covert gateway.

VBA-based backdoor: Stunning Risky Outlook Threat
Think your inbox is safe? Researchers warn APT28 has deployed a VBA-based Outlook backdoor called NotDoor that hides in macros to harvest emails and stay persistent, so it’s time to tighten macro policies, add telemetry, and treat your mail client as part of the attack surface.

Apple backdoor: Stunning UK Reversal — Risky Plan Dies
In a surprising win for privacy, the U.K. appears to have backed away from forcing Apple to build a backdoor—raising fresh questions about how to balance law enforcement needs with global security risks. Driven by diplomatic pushback, expert warnings and public outcry, the decision gives encryption defenders a reprieve while pushing governments to find smarter, privacy-preserving alternatives.

iPhone encryption: Stunning U.S. Block and Risky Fallout
Fresh reporting says the U.S. quietly pressured Britain to drop a bid to force Apple to add an iPhone backdoor. The move reignites the debate over who holds the keys, who gets to set tech rules among allies, and what that means for our security and privacy.

SonicWall VPNs: Must-Have Fix for Risky Backdoors
If you’re still running SonicWall VPNs that are end-of-life, beware: attackers are planting stealthy backdoors and rootkits—even on patched devices—turning trusted remote-access gear into long-term footholds. Audit your appliances now and prioritize replacing, isolating, or hardening any unsupported units before a quiet compromise becomes a costly breach.

UNC6148 Backdoors Patched in SonicWall SMA 100 Series Devices
Think your patched SonicWall SMA 100 device is safe? Think again—cybercriminals are exploiting its outdated status to sneak in persistent backdoors, proving that end-of-life gear can be your network’s biggest weak spot.

MacOS Infostealer AMOS Gains Persistent Backdoor Access
MacOS users face a new threat as the AMOS infostealer evolves into a stealthy backdoor, allowing attackers to stay hidden and in control long after the initial infection. Stay informed to protect your data from this persistent danger!

New macOS Infostealer Introduces Backdoor for Ongoing Attacks
New macOS infostealer malware introduces a backdoor, enabling ongoing attacks and compromising user data. Stay vigilant against emerging threats.

Thousands of ASUS Routers Hijacked in Stealthy Backdoor Campaign
Thousands of ASUS routers hijacked via a stealthy backdoor campaign expose hidden vulnerabilities, triggering urgent cybersecurity alerts.

Florida Backdoor Bill Fails
Florida’s backdoor bill fails as lawmakers reject covert policy changes, reinforcing transparency and accountability in state governance.

Malicious WordPress Plugin Grants Remote Administrative Access to Cyber Attackers
Malicious WordPress plugin lets attackers gain remote admin control, exposing sites to unauthorized access, data breaches, and exploitation.

Deceptive WordPress Plugin Poses as a Security Tool While Deploying a Backdoor
Deceptive WordPress plugin masquerades as a security tool, secretly installing a backdoor that compromises vulnerable sites.

Fake Patch Phishing Campaign Hits WooCommerce, Injecting Hidden Backdoors
Fake Patch phishing campaign targets WooCommerce sites with fraudulent updates, injecting hidden backdoors to compromise security.

China-Backed Hackers Utilize BRICKSTORM Backdoor to Target European Enterprises
China-backed hackers exploit the BRICKSTORM backdoor to infiltrate European enterprises, posing significant cybersecurity threats.

Stealthy Lateral Movement in Linux Server Attacks with New BPFDoor Controller
Discover how BPFDoor enables stealthy lateral movement in Linux server attacks, enhancing threat actors’ capabilities and evading detection.