backdoor Archives • Page 2 of 4 • Daily CyberSecurity

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Elementor Unauthenticated EoP, CVE-2025-8489 Exploitation WordPress Privilege Escalation, WP Freeio WordPress backdoor Jupiter X Core - CVE-2024-7781 & CVE-2024-7782

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access

Do Son September 25, 2025

Security researcher Puja Srivastava from Sucuri uncovered two malicious files designed to guarantee persistent attacker access by...

Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs CVE-2024-41988 & CVE-2024-41987

Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs

Do Son September 24, 2025

Researchers at Cisco Talos have uncovered a long-running espionage campaign active since 2022, targeting the telecommunications and...

New Malware “YiBackdoor” Linked to IcedID and Latrodectus LokiBot Steganography, .NET Loader PlugX malware YiBackdoor, ransomware

New Malware “YiBackdoor” Linked to IcedID and Latrodectus

Do Son September 24, 2025

Researchers at Zscaler ThreatLabz have uncovered a new malware family, dubbed YiBackdoor, first observed in June 2025....

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar ToneShell, Mustang Panda

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar

Do Son September 12, 2025

Intezer researchers have released a technical analysis of a new variant of ToneShell, a lightweight backdoor tied...

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth Caminho LSB Steganography, Loader-as-a-Service 2023 Threat Report

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth

Do Son September 5, 2025

Researchers at the Trellix Advanced Research Center have identified a sophisticated new campaign leveraging the XWorm backdoor,...

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC AI Waifu RAT, social engineering

AI Waifu RAT: A New Malware Masquerades as an AI Assistant to Hijack Your PC

Do Son September 2, 2025

Security researcher Ryingo has released a detailed analysis of a new malware strain dubbed the “AI Waifu...

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor PDF Editor, malware

Trojan Horse: A Fake PDF Editor Is Actually a Malware-Laden Backdoor

Do Son August 31, 2025

Security researchers at G DATA Security Lab have exposed the AppSuite PDF Editor as a malware-laden backdoor,...

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months MystRodX, stealthy backdoor

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

Do Son August 30, 2025

XLab has identified a previously unknown and stealthy backdoor dubbed MystRodX, capable of operating undetected in compromised...

The Backdoor Is No More: UK Government Drops Demand for Access to iCloud Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

Apple Background Security CVE-2026-20643 Apple Background Security Improvement Apple Backdoor Apple Lawsuit, Data Exfiltration CVE-2024-44131 - CVE-2025-24118 PoC

The Backdoor Is No More: UK Government Drops Demand for Access to iCloud

Do Son August 20, 2025

In February 2025, reports emerged claiming that the UK government had secretly issued a notice to Apple,...

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits Backdoor, PipeMagic CVE-2025-29824

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

Do Son August 19, 2025

Kaspersky Labs has released a new report shedding light on the persistent threat posed by PipeMagic, a...

NVIDIA: “No Backdoors, No Kill Switches,” Rejecting Calls for Government Hardware Controls NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA GPU Security CUDA-Q Vulnerability NVIDIA Apex Vulnerability AI Infrastructure Security NVIDIA Cumulus Linux CVE-2025-33179 NVIDIA Arm divestment NVIDIA DGX Spark, CVE-2025-33187 NVIDIA Isaac-GROOT, Code Injection Megatron-LM Vulnerability, AI Code Injection NVIDIA China NVIDIA GPUs, Hardware Kill Switches NVIDIA Megatron-LM, LLM Vulnerabilities NVIDIA Base Command Manager - CVE-2024-0138

NVIDIA: “No Backdoors, No Kill Switches,” Rejecting Calls for Government Hardware Controls

Do Son August 7, 2025

As the global reliance on high-performance computing deepens, NVIDIA GPUs have become the invisible engines powering everything...

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mercenary Akula European Financial Targeting AI-Generated Malware React2Shell Exploit UAT-8837 Critical Infrastructure Attack APT36, BOSS Linux BRICKSTORM Malware, China Espionage Curly COMrades, MucorAgent Chinese APT - HTTP Client Tools Shuckworm Cyber Espionage

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military

Do Son August 6, 2025

A new threat analysis by Kyaw Pyiyt Htet, a CREST-certified Threat Intelligence Analyst, has revealed the inner...

Stealthy REMCOS Backdoor Delivered by LNK Files: Bypasses Antivirus with Multi-Stage PowerShell Attack

Do Son July 29, 2025

Cybercriminals continue to find clever ways to bypass antivirus solutions and endpoint defenses. A recent Point Wild...

UK Government May Retreat from iCloud Backdoor Demand After US Pressure & Apple’s ADP Pullback iCloud Backdoor, UK Surveillance iCloud Backdoor

UK Government May Retreat from iCloud Backdoor Demand After US Pressure & Apple’s ADP Pullback

Do Son July 23, 2025

In January 2025, the UK government discreetly issued a Technical Capability Notice to Apple, demanding the covert...

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software DeedRAT, Chinese Cyberattack

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

Do Son July 22, 2025

In a newly uncovered campaign, LAB52 — the intelligence team at S2 Group — has identified a...

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers Exchange Backdoor, GhostContainer

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

Do Son July 18, 2025

In a recent incident response operation, Kaspersky Labs uncovered a highly sophisticated backdoor named GhostContainer, designed to...

New PhantomRemote Backdoor Targets Russian Healthcare & IT, Linked to Rainbow Hyena Attacks PhantomRemote Backdoor, Rainbow Hyena

New PhantomRemote Backdoor Targets Russian Healthcare & IT, Linked to Rainbow Hyena Attacks

Do Son July 16, 2025

A new wave of phishing attacks has been observed sweeping across Russia’s healthcare and IT sectors, attributed...

HazyBeacon: Novel Backdoor Uses AWS Lambda for Stealthy C2, Targets Govts

Do Son July 15, 2025

Researchers from Unit 42 at Palo Alto Networks have uncovered a novel backdoor—HazyBeacon—used by a threat cluster...

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads WordPress Supply Chain, Plugin Backdoor

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

Do Son July 14, 2025

In a concerning development for WordPress site administrators, the Patchstack team has uncovered a targeted supply chain...

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS AMOS, macOS backdoor

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS

Do Son July 10, 2025

In a disturbing evolution of macOS malware, Moonlock Lab has discovered that Atomic macOS Stealer (AMOS)—already notorious...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

backdoor

Hidden Backdoors in WordPress: How Attackers Use Fake Plugins and Core Files for Persistent Access

Cisco Uncovers New PlugX Backdoor Linked to Chinese APTs

New Malware “YiBackdoor” Linked to IcedID and Latrodectus

ToneShell Backdoor Evolves With Anti-Analysis Tricks, Continues Targeting Myanmar

Beyond Simple Scripts: A New XWorm Campaign Uses Multi-Stage Stealth

MystRodX: A Stealthy New Backdoor Found Hiding in Networks for Over 20 Months

The Backdoor Is No More: UK Government Drops Demand for Access to iCloud

PipeMagic Returns: Kaspersky Uncovers Evolving Backdoor Linked to CVE-2025-29824 Exploits

NVIDIA: “No Backdoors, No Kill Switches,” Rejecting Calls for Government Hardware Controls

Mustang Panda Backdoor Exposed: New ToneShell Malware Masquerades as Chrome to Spy on Gov’t & Military

DeedRAT Backdoor: Chinese APT Targets Southeast Asian Governments via Vulnerable AV Software

GhostContainer: Kaspersky Uncovers Stealthy Backdoor Infiltrating Government & High-Tech Exchange Servers

New PhantomRemote Backdoor Targets Russian Healthcare & IT, Linked to Rainbow Hyena Attacks

WordPress Supply Chain Attack: Gravity Forms Plugin Backdoored Through Official Downloads

From Stealer to Spy: AMOS Malware Evolves into Full-Fledged Backdoor Threat for macOS