October 25, 2025

MuddyWater Phoenix Backdoor Targets 100+ Government Entities

An Iranian-backed hacking group known as MuddyWater has launched a major cyberespionage campaign across the Middle East and Africa. Using phishing emails sent from a compromised mailbox accessed through NordVPN, the attackers targeted over 100 government organizations and diplomatic missions. The operation delivered version 4 of the group’s custom Phoenix backdoor, which enabled remote access and long-term intelligence gathering. Large-Scale

MuddyWater

May 30, 2025

PumaBot Botnet Compromises Linux IoT Devices

A newly discovered botnet called PumaBot is making the rounds in the cybersecurity world. Designed to infiltrate Linux-based systems, this malware takes a focused and stealthy approach, specifically targeting Internet of Things (IoT) devices and surveillance systems through brute-force SSH attacks. Here’s a closer look at how PumaBot operates, what sets it apart from other botnets, and how you can protect

PumaBot Botnet

May 29, 2025

AyySSHush Botnet Hacks ASUS Routers to Add SSH Backdoor

The newly discovered AyySSHush botnet campaign has silently compromised over 9,000 ASUS routers, installing a persistent SSH backdoor using a series of sophisticated and stealthy techniques. The campaign highlights a growing threat to home and small office routers, leveraging legitimate features to maintain control, all without deploying traditional malware. Security researchers at GreyNoise uncovered the campaign in mid-March 2025, but

AyySSHush Botnet