Inside the Axios supply chain compromise - one RAT to rule them all

Elastic Security Labs identified a supply chain compromise of the axios npm package, one of the most depended-upon packages in the JavaScript ecosystem with approximately 100 million weekly downloads. The attacker compromised a maintainer account and published backdoored versions that delivered a cross-platform Remote Access Trojan to macOS, Windows, and Linux systems through a malicious postinstall hook.

Pulse ID: 69cd1c2e48c8aeef1f743d7f
Pulse Link: https://otx.alienvault.com/pulse/69cd1c2e48c8aeef1f743d7f
Pulse Author: AlienVault
Created: 2026-04-01 13:22:54

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#BackDoor #CyberSecurity #ElasticSecurityLabs #InfoSec #Java #JavaScript #Linux #Mac #MacOS #NPM #OTX #OpenThreatExchange #RAT #RemoteAccessTrojan #SupplyChain #Trojan #Windows #bot #iOS #AlienVault

Illuminating VoidLink: Technical analysis of the VoidLink rootkit framework

Elastic Security Labs analyzes VoidLink, a sophisticated Linux malware framework combining Loadable Kernel Modules (LKMs) and eBPF for persistence. The rootkit, developed by a Chinese-speaking threat actor, evolved through four generations, targeting kernels from CentOS 7 to Ubuntu 22.04. VoidLink employs advanced techniques like delayed initialization, runtime key rotation, and a hybrid LKM-eBPF architecture for comprehensive stealth. Notable features include an ICMP-based covert channel, process protection, and memfd-aware boot loading. Evidence suggests AI-assisted development, lowering the barrier for kernel-level rootkit creation. Detection strategies and defensive recommendations are provided to counter this emerging threat.

Pulse ID: 69c51fb010f23603d7d217ea
Pulse Link: https://otx.alienvault.com/pulse/69c51fb010f23603d7d217ea
Pulse Author: AlienVault
Created: 2026-03-26 11:59:44

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Chinese #CyberSecurity #ElasticSecurityLabs #InfoSec #Linux #Malware #OTX #OpenThreatExchange #RAT #Rootkit #bot #AlienVault

From Invitation to Infection: How SILENTCONNECT Delivers ScreenConnect — Elastic Security Labs

Pulse ID: 69bd45393fac7e92bd363cad
Pulse Link: https://otx.alienvault.com/pulse/69bd45393fac7e92bd363cad
Pulse Author: CyberHunter_NL
Created: 2026-03-20 13:01:45

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #ElasticSecurityLabs #InfoSec #OTX #OpenThreatExchange #ScreenConnect #bot #CyberHunter_NL

Patch Tuesday, October 2024 Edition

https://krebsonsecurity.com/2024/10/patch-tuesday-october-2024-edition/

#OpenSSHforWindows;PowerBI;WindowsHyper-V;WindowsMobileBroadband #AdobeSubstance3DPainter #ElasticSecurityLabs #Substance3DStager #NikolasCemerikic #AdobeFramemaker #LatestWarnings #CVE-2024-43572 #CVE-2024-43573 #SecurityTools #ImmersiveLabs #GrimResource #SatnamNarang #VisualStudio #TimetoPatch #Dimension #Lightroom #Commerce #InDesign #Animate #macOS15 #Sequoia #Tenable #InCopy #.NET

Malware analysis of malware family SOMNIRECORD, a backdoor malware that conceals identity masquerading as DNS using C2 (Command and Control) methods.

https://www.elastic.co/security-labs/not-sleeping-anymore-somnirecords-wakeup-call

#ElasticSecurityLabs #malware
#malwareanalysis #malwarebackdoor #dnshack

#NAPLISTENER Analysis by #elasticsecuritylabs

https://www.elastic.co/de/security-labs/naplistener-more-bad-dreams-from-the-developers-of-siestagraph?ultron=esl:_threat_research%2Besl_blog_post&blade=twitter&hulk=social&utm_content=9216526986&linkId=206234931

#infosec #malware #elastic

🔥🔥🤩 Check out this malware analysis report from Elastic Security Labs on a recent variant from the malware family ICEDID written by the MARE (Malware Analysis and Reverse Engineering) Team Senior Security Researchers Cyril F. and Daniel Stepanic !

#malwareanalysis #elastic #ElasticSecurityLabs #malware

https://www.elastic.co/security-labs/thawing-the-permafrost-of-icedid-summary