Malware
Researchers discover SSHStalker botnet infecting Linux servers
Reported by AI. Image generated by AI.
Flare researchers have identified a new Linux botnet called SSHStalker that has compromised around 7,000 systems using outdated exploits and SSH scanning. The botnet employs IRC for command-and-control while maintaining dormant persistence without immediate malicious activities like DDoS or cryptomining. It targets legacy Linux kernels, highlighting risks in neglected infrastructure.
Attackers have created a fake OpenAI repository on Hugging Face that has reached the top spot but installs infostealer malware.
Cybersecurity researchers have identified a fraudulent website mimicking the popular AI tool Claude that delivers backdoor malware to visitors. The discovery highlights how cybercriminals are capitalizing on growing interest in artificial intelligence platforms.
Infostealer malware has targeted OpenClaw AI agents for the first time, according to a TechRadar report. The incident highlights vulnerabilities in locally deployed AI systems that store sensitive information. The article was published on February 17, 2026.
A North Korean hacking group known as UNC1069 has employed AI-generated videos to deliver malware targeting both macOS and Windows systems. This tactic highlights evolving methods in cyber threats. The development was reported by TechRadar on February 11, 2026.
Security researchers at Check Point have uncovered VoidLink, a sophisticated new Linux malware framework designed to target cloud infrastructures. Written in Zig and linked to Chinese developers, it features over 30 plugins for stealthy reconnaissance, credential theft, and lateral movement. No real-world infections have been observed yet, but its capabilities signal a growing threat to enterprise cloud environments.
Cisco Talos has reported a China-linked threat actor known as UAT-7290 that has been spying on telecommunications companies since 2022. The group uses Linux malware, exploits on edge devices, and ORB infrastructure to maintain access to targeted networks.
Daemon Tools app hit by monthlong supply-chain attack
March 13, 2026 21:43 - FBI seeks victims of malware in Steam indie games
March 12, 2026 22:40 - US and Europe disrupt SocksEscort proxy network
March 11, 2026 07:15 - 14,000 Asus routers infected by takedown-resistant KadNap malware
February 23, 2026 08:01 - Malicious npm packages harvest crypto keys and secrets
January 30, 2026 21:23 - Researchers uncover ShadowHS Linux exploitation framework
January 24, 2026 21:25 - Wiper malware targets Poland's energy grid but causes no blackout
January 22, 2026 03:56 - Malicious PyPI package impersonates SymPy to deploy XMRig miner
January 21, 2026 17:17 - Attackers hijack Linux Snap Store apps to steal crypto phrases
January 21, 2026 05:18 - AI-assisted VoidLink malware framework targets Linux cloud servers