The Lab · 2026-04-14 18:53:01 · TechCrunch
A critical supply chain attack has compromised the security of thousands of WordPress websites. Dozens of popular plugins were allegedly hijacked to push malware after their ownership was transferred to a new corporate entity. This incident represents a sophisticated breach of trust, weaponizing the routine process of ...
The Lab · 2026-04-15 11:52:44 · Golem.de
An attacker has gained control of a development company that publishes more than 30 WordPress plugins. Shortly after the takeover, the attacker covertly slipped a backdoor into the software delivered to users. This targeted supply chain attack endangers thousands of websites that, on the affected ...
The Lab · 2026-04-21 08:52:57 · Golem.de
The official desktop app for Anthropic's Claude AI has installed a potential backdoor on users' computers without their knowledge or consent. A privacy advocate discovered the suspicious entry in the browser only by chance. This hidden component, which is left behind on the system, could theo...
The Lab · 2026-04-21 15:22:30 · Next INpact
Some thirty popular WordPress extensions were quietly infected with malware, turning websites into easy targets for attackers. The attack does not stem from a classic technical vulnerability but from a malicious change of ownership. After the acquisition of the Indian company EssentialPlug...
The Lab · 2026-05-05 18:31:42 · GitHub Issues
The ScarCruft threat group—assessed with high confidence as a North Korean state-sponsored operation—has carried out a targeted supply chain compromise against a gaming platform, deploying the BirdCall backdoor on both Android and Windows systems. The campaign represents a strategic pivot by the actor toward entertainm...
The Lab · 2026-05-09 04:31:41 · r/netsec
A supply chain attack has compromised the widely used DAEMON Tools software, with a backdoor embedded in legitimate installers distributed to users since April 8, 2026. The attack was disclosed via r/netsec and linked to a technical analysis from Kaspersky's Securelist, confirming that the popular disk imaging utility ...
The Lab · 2026-05-10 18:31:50 · r/blueteamsec
Security researchers have identified a sophisticated malware campaign using trojanized Microsoft Teams installers to deliver multi-stage loaders and backdoors against enterprise targets. The campaign, tracked under the name Lorem Ipsum, represents a concerning evolution in supply chain attacks that leverage trusted sof...
The Lab · 2026-05-11 23:48:31 · The Verge
Yarbo, the company behind a robot lawn mower that security researchers found could be hijacked from anywhere in the world, has committed to completely removing the intentional backdoor access that created the vulnerability. The reversal comes after Andreas Makris, a security researcher, demonstrated how malicious actor...
The Lab · 2026-05-12 12:48:35 · Mastodon:hachyderm.io:#infosec
A specific malware signature linked to WordPress compromise campaigns has surfaced, revealing a potentially large-scale attack operation with a notable technical flaw. Security researchers are pointing to the hash identifier "Bwn6fOzW0Zc6VfNNCAo1bWRmG2a" as a hunting marker for malicious payloads targeting WordPress in...
The Lab · 2026-05-13 09:18:25 · Mastodon:mastodon.social:#infosec
A brief discussion on Mastodon has brought attention to what some users are describing as a significant BitLocker bypass technique, with comparisons drawn to a potential government or law enforcement backdoor mechanism. The conversation, referencing a post on cyberplace.social, describes the technique under the label "...
The Lab · 2026-05-13 13:18:37 · Mastodon:mastodon.social:#cybersecurity
A newly identified supply chain attack is targeting software developers through typosquatting npm packages that weaponize Claude Code's SessionStart hooks to establish persistent backdoors on infected systems. The campaign delivers a statically linked, UPX-compressed ELF binary that activates during package installatio...
The Lab · 2026-05-13 17:18:30 · Mastodon:mastodon.social:#privacy
A newly documented exploit dubbed "YellowKey" reportedly allows attackers to bypass BitLocker full-disk encryption on Windows 11 and Windows Server systems using nothing more than a USB stick and a basic reboot technique. The disclosure has raised immediate concerns within the security community regarding the integrity...