DKnife is a Linux-based post-compromise framework operating at the router level, enabling adversary-in-the-middle attacks, deep packet inspection, credential harvesting, and malware delivery.

Cisco Talos links the toolkit to a China-nexus threat actor and confirms interaction with ShadowPad and DarkNimbus backdoors. By living on gateway devices, DKnife enables real-time traffic interception and user activity monitoring across endpoints.

Source: https://www.bleepingcomputer.com/news/security/dknife-linux-toolkit-hijacks-router-traffic-to-spy-deliver-malware/

💬 What defensive controls actually work against gateway-resident malware?

🔔 Follow @technadu for threat research and IoC-driven reporting

#InfoSec #ThreatHunting #RouterSecurity #AitM #LinuxMalware #CyberEspionage #ThreatActors #TechNadu

Why Washington State Wants to Control Your 3D Printer (And New AI Malware)

https://video.ironsysadmin.com/w/veiFkXcLEZYtBaF3cA4ohr

PeerTube
Never-before-seen Linux malware is “far more advanced than typical”

VoidLink includes an unusually broad and advanced array of capabilities.

Ars Technica

VoidLink is a new cloud-native Linux malware framework with 30+ plugins, adaptive cloud detection, and stealth-focused evasion targeting AWS, Azure, and GCP.

https://www.technadu.com/voidlink-cloud-native-malware-framework-targets-linux-systems-via-custom-plugin-api/618202/

Thoughts on defending cloud Linux workloads?

#Infosec #CloudSecurity #LinuxMalware

⚠️ LunoBotnet: A modular Linux botnet with cryptomining + DDoS-for-hire.
✔️ Self-healing watchdogs
✔️ System binary replacement
✔️ Targets Roblox, Minecraft, Valve
✔️ Markets services via Telegram
Experts call it a criminal infrastructure platform for long-term monetization.

💬 How do you rate the detection difficulty here? Follow @technadu for analysis.

#Cyble #LunoBotnet #LinuxMalware #Cryptojacking #DDoS #Botnet #SelfHealing #Malware #CyberThreatIntel
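The "system binary replacement" item above is the one a defender can test for directly: a package-managed binary that no longer matches the hash its package manager recorded at install time. The following is an added example, not code from the Cyble report or the LunoBotnet post; it parses dpkg's own manifests (`/var/lib/dpkg/info/<pkg>.md5sums`, one `<md5>  <path without leading slash>` entry per line) and reports entries as ok, modified or missing. The sample manifest and the sample "on-disk" hashes are constructed for illustration. Caveats a practitioner should keep in mind: dpkg's manifests are MD5 (adequate for drift detection, not collision-resistant), they live on the same disk the implant controls, and files declared as conffiles are not listed; `rpm -V` and `debsums` do the same job, and the logic here is meant to be pointed at a trusted offline copy of the manifests rather than the live ones.

```python
"""Verify package-owned files against dpkg md5sums manifests (added example)."""
import hashlib
import os
from typing import Dict, List

def parse_md5sums(text: str) -> Dict[str, str]:
    """Parse dpkg md5sums content: '<md5>  <path without leading slash>'."""
    expected: Dict[str, str] = {}
    for line in text.splitlines():
        line = line.strip()
        if not line:
            continue
        digest, _, rel = line.partition("  ")
        if len(digest) == 32 and rel:
            expected["/" + rel] = digest.lower()
    return expected

def md5_of_file(path: str) -> str:
    """Stream a file through MD5 so large binaries do not need to fit in memory."""
    h = hashlib.md5()
    with open(path, "rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()

def compare(expected: Dict[str, str], actual: Dict[str, str]) -> Dict[str, List[str]]:
    """Classify every manifest entry as ok / modified / missing (paths sorted)."""
    out: Dict[str, List[str]] = {"ok": [], "modified": [], "missing": []}
    for path, digest in sorted(expected.items()):
        if path not in actual:
            out["missing"].append(path)
        elif actual[path] != digest:
            out["modified"].append(path)
        else:
            out["ok"].append(path)
    return out

def verify_against_disk(expected: Dict[str, str], root: str = "/",
                        prefixes=("/bin/", "/sbin/", "/usr/bin/", "/usr/sbin/")):
    """Hash the binaries actually present under root and compare with the manifest.
    Only executable directories are checked; unreadable files count as missing."""
    wanted = {p: d for p, d in expected.items() if p.startswith(prefixes)}
    actual: Dict[str, str] = {}
    for path in wanted:
        full = os.path.join(root, path.lstrip("/"))
        try:
            actual[path] = md5_of_file(full)
        except OSError:
            pass  # left out -> reported as missing
    return compare(wanted, actual)

def load_dpkg_manifests(info_dir: str = "/var/lib/dpkg/info") -> Dict[str, str]:
    """Merge every <pkg>.md5sums file under info_dir into one path -> md5 map."""
    expected: Dict[str, str] = {}
    for name in os.listdir(info_dir):
        if name.endswith(".md5sums"):
            with open(os.path.join(info_dir, name), encoding="utf-8", errors="replace") as f:
                expected.update(parse_md5sums(f.read()))
    return expected

# Constructed sample manifest and "on-disk" hashes (not from a real system).
# The digests are md5("") , md5("abc") and md5("test") respectively.
SAMPLE_MANIFEST = """\
d41d8cd98f00b204e9800998ecf8427e  usr/bin/ps
900150983cd24fb0d6963f7d28e17f72  usr/bin/top
098f6bcd4621d373cade4e832627b4f6  usr/share/doc/procps/copyright
"""
SAMPLE_ON_DISK = {
    "/usr/bin/ps": "d41d8cd98f00b204e9800998ecf8427e",   # unchanged
    "/usr/bin/top": "ffffffffffffffffffffffffffffffff",  # replaced binary
    # /usr/share/doc/procps/copyright is absent -> reported as missing
}

if __name__ == "__main__":
    print("sample:", compare(parse_md5sums(SAMPLE_MANIFEST), SAMPLE_ON_DISK))
    if os.path.isdir("/var/lib/dpkg/info"):
        report = verify_against_disk(load_dpkg_manifests())
        print(f"live: {len(report['ok'])} ok, {len(report['modified'])} modified, "
              f"{len(report['missing'])} missing")
        for p in report["modified"]:
            print("  MODIFIED", p)
```

On a Debian-family host run it as root; a botnet that has swapped `ps`, `top` or `ss` shows up under `modified`, while a stock host reports a small, explainable set of entries (locally diverted files, removed docs). Ship the manifests off-box before the incident if you want the comparison to mean anything after one.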

RingReaper malware targets Linux servers, using io_uring to evade EDR solutions.

⚠️ Capabilities:
🔹 Process & network discovery
🔹 Privilege escalation
🔹 Self-destructs to hide traces

Our proactive defenses catch what others miss.
#RingReaper #LinuxMalware
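The evasion described above works because I/O submitted through io_uring never passes through the read/recv/connect syscalls that user-space and eBPF hooks typically watch. The io_uring instance itself is still an open file descriptor, and Linux exposes it in `/proc/<pid>/fd/` as a symlink whose target is the literal string `anon_inode:[io_uring]`. The following is an added example, not code from the RingReaper post or from any vendor's detection: it walks `/proc`, collects fd link targets per process, and reports processes holding io_uring instances. `SAMPLE_FD_MAP` is a constructed snapshot used to show the output offline. Treat a hit as a triage lead, not a verdict: databases, some runtimes and liburing-based services legitimately use io_uring, and an implant that self-destructs may hold the fd only briefly, so this belongs in a periodic sweep or a process-start hook rather than a one-off check.

```python
"""Flag processes holding io_uring instances via /proc fd symlinks (added example)."""
import os
from typing import Dict, List

IO_URING_TARGET = "anon_inode:[io_uring]"

def fd_targets_from_proc(proc_root: str = "/proc") -> Dict[int, List[str]]:
    """Collect the symlink target of every fd for every numeric pid under proc_root.
    Processes that exit or deny access mid-scan are skipped rather than aborting."""
    result: Dict[int, List[str]] = {}
    try:
        entries = os.listdir(proc_root)
    except OSError:
        return result
    for name in entries:
        if not name.isdigit():
            continue
        fd_dir = os.path.join(proc_root, name, "fd")
        targets: List[str] = []
        try:
            for fd in os.listdir(fd_dir):
                try:
                    targets.append(os.readlink(os.path.join(fd_dir, fd)))
                except OSError:
                    continue  # fd closed between listdir and readlink
        except OSError:
            continue  # no permission (need root for other users' processes) or gone
        result[int(name)] = targets
    return result

def find_io_uring_users(fd_map: Dict[int, List[str]]) -> Dict[int, int]:
    """Return {pid: count_of_io_uring_fds} for every pid holding at least one."""
    hits: Dict[int, int] = {}
    for pid, targets in fd_map.items():
        n = sum(1 for t in targets if t == IO_URING_TARGET)
        if n:
            hits[pid] = n
    return hits

def comm(pid: int, proc_root: str = "/proc") -> str:
    """Process name from /proc/<pid>/comm, '?' if it is already gone."""
    try:
        with open(os.path.join(proc_root, str(pid), "comm"), encoding="utf-8") as f:
            return f.read().strip()
    except OSError:
        return "?"

# Constructed sample snapshot (not captured from a real host): pid 4242 holds two
# io_uring instances next to a socket; the other processes use ordinary fds only.
SAMPLE_FD_MAP = {
    1: ["/dev/null", "/dev/null", "socket:[12345]"],
    4242: ["/dev/null", IO_URING_TARGET, "socket:[99001]", IO_URING_TARGET],
    5150: ["/var/log/syslog", "pipe:[3322]"],
}

if __name__ == "__main__":
    print("sample:", find_io_uring_users(SAMPLE_FD_MAP))
    for pid, n in sorted(find_io_uring_users(fd_targets_from_proc()).items()):
        print(f"pid {pid} ({comm(pid)}) holds {n} io_uring fd(s)")
```

Run as root to see every process; as an unprivileged user only your own processes are readable. Pair the sweep with an allowlist of known io_uring users on the host so the remaining hits are worth a look, and check the same process for a deleted-binary marker (`/proc/<pid>/exe` pointing at a path suffixed `(deleted)`), which is what the self-destruct step described above leaves behind.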

#LinuxMalware is NOT a new thing.

#MacMalware isn't new either.

for every major #windows #Malware going around right now, there are variants of it that work on Mac and many distros of Linux

if you thought Mac or Linux was immune to malware you're an idiot

Imagine trusted Go modules turning your Linux system into a ticking time bomb. Hackers are hiding wiper malware in code you might use every day—what's really lurking in your development environment?

https://thedefendopsdiaries.com/unveiling-the-threat-linux-wiper-malware-in-malicious-go-modules/

#linuxmalware
#gomodules
#cybersecurity
#supplychainattack
#wipermalware

A newly discovered Linux malware, Auto-Color, poses significant risks to institutions. Detected by Palo Alto Networks, it grants attackers full remote access to compromised devices, targeting universities and government bodies in North America and Asia. The malware requires user execution and employs innocent file names for evasion, making it hard to remove without specialized tools. Organizations must enhance cybersecurity measures and user awareness to combat this threat. #LinuxMalware