React2Shellのエクスプロイトが大規模Linuxバックドア展開とクラウド認証情報窃取で継続

Flare researchers have identified a new Linux botnet called SSHStalker that has compromised around 7,000 systems using outdated exploits and SSH scanning. The botnet employs IRC for command-and-control while maintaining dormant persistence without immediate malicious activities like DDoS or cryptomining. It targets legacy Linux kernels, highlighting risks in neglected infrastructure.

2026年05月05日(火) AIによるレポート

Four days after the CopyFail (CVE-2026-31431) exploit disclosure disrupted Ubuntu services, the US government warned of its critical risks to Linux systems, urging immediate patching amid public exploit code.

Researchers at LevelBlue have identified a new variant of the SysUpdate malware aimed at Linux systems during a digital forensics and incident response engagement. The malware disguises itself as a legitimate system service and employs advanced encryption for command-and-control communications. By reverse-engineering it, the team created tools to decrypt its traffic more quickly.

2026年04月03日(金) AIによるレポート

Developers of the popular AI tool OpenClaw released patches for three high-severity vulnerabilities, including one that allowed attackers with basic pairing privileges to silently gain full administrative control. The flaw, tracked as CVE-2026-33579 and rated up to 9.8 out of 10 in severity, has raised alarms among security experts. Thousands of exposed instances may have been compromised unknowingly.