New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year
Stay updated on the latest backdoor threats in cybersecurity. Discover news, analysis, and insights on covert access vulnerabilities.
Search across headline titles and summaries.
Background for this topic.
A backdoor is a hidden method within software or hardware that allows bypassing normal authentication to access a system or network. These can be intentionally created by developers for maintenance or debugging but are frequently exploited or implanted by attackers to maintain unauthorized, persistent access. Backdoors often appear as undocumented commands, hidden user accounts, or covert network services designed to evade detection.
In cybersecurity, backdoors enable attackers to circumvent security controls, increasing the risk of prolonged system compromise and data exposure. Detecting backdoors requires careful code review, monitoring for unusual system behavior, and verifying integrity through trusted baselines. Identifying backdoor indicators in malware or attacker infrastructure is critical for limiting unauthorized access and reducing attacker dwell time within networks. Defensive measures focus on eliminating hidden access points and strengthening authentication mechanisms.
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year
The threat actor linked to the exploitation of the recently disclosed security flaws in Microsoft SharePoint Server is using a bespoke command-and-control (C2) framework called AK47 C2 (also spelled ak47c2) in its operations
An ongoing AitM campaign by the infamous Moscow-sponsored cyber threat actor has widened its scope, dropping the dangerous ApolloShadow custom backdoor malware thanks to lawful intercept systems.
A covert ATM attack used a Raspberry Pi to breach bank systems, employing stealthy malware and anti-forensics techniques
Threat actors have been observed exploiting a now-patched critical SAP NetWeaver flaw to deliver the Auto-Color backdoor in an attack targeting a U.S.-based chemicals company in April 2025
Backdoor malware Auto-Color targets Linux systems, exploiting SAP NetWeaver flaw CVE-2025-31324