Cloud Security
Check Point discovers advanced VoidLink Linux malware for clouds
Reported by AI Image generated by AI
Security researchers at Check Point have uncovered VoidLink, a sophisticated new Linux malware framework designed to target cloud infrastructures. Written in Zig and linked to Chinese developers, it features over 30 plugins for stealthy reconnaissance, credential theft, and lateral movement. No real-world infections have been observed yet, but its capabilities signal a growing threat to enterprise cloud environments.
React2Shell exploits continue with large-scale Linux backdoor deployments and cloud credential theft
Ongoing exploitation of the React2Shell vulnerability (CVE-2025-55182)—previously detailed in coverage of China-nexus and cybercriminal campaigns—now includes widespread Linux backdoor installations, arbitrary command execution, and large-scale theft of cloud credentials.
Reported by AI
Amazon has identified a new cryptocurrency mining operation on its AWS platform. The campaign exploits stolen IAM credentials and abuses services like ECS and EC2. Attackers use termination protection to maintain persistence.