#backdoor
9 stories taggedbackdoor.

Microsoft Pulls Apart 'GigaWiper', a Windows Backdoor That's Really Three Old Wreckers in a Trench Coat
The malware lets its operator pick how to trash a machine: wipe the disk, kill the Windows drive, or fake a ransomware attack with a key that's thrown away.

A Secret Backdoor in Tenda Home Routers Lets Strangers Take Control, and There Is No Fix
A hidden login trick buried in Tenda networking gear gives anyone who knows the magic password full administrative control. The maker has not responded, and no patch exists.

Chinese Hacking Group Adds Three New Backdoors to Its Router Attack Kit
The group behind a long-running campaign targeting small office routers has quietly expanded its toolbox, giving it more ways to hide inside a victim's network.

Hidden Admin Backdoor Found in Tenda Router Firmware, CERT/CC Warns
A flaw tracked as CVE-2026-11405 lets anyone skip the password check and take over affected Tenda routers through the web interface.

North Korean Hackers Poisoned Over 100 Open Source Packages to Spy on Developers
A campaign called PolinRider has quietly corrupted legitimate software building blocks used by developers worldwide, planting tools that steal data and leave a hidden door open for attackers.

Chinese Cyber Group Targets Southeast Asian Utilities with New Backdoor
Critical infrastructure providers in Southeast Asia are facing targeted cyber intrusions from a China-linked group using a novel backdoor tool.

Mistic Backdoor Shows Up in IAB-Brokered Intrusions Across Four Verticals
A quiet new implant tied to the KongTuke access broker is landing on insurance, education, IT, and professional services networks — and it's not riding a CVE to get there.

Trusted Plugin Scripts Weaponized in Admin-Aware WordPress Supply-Chain Hit
Tampered JavaScript served from PushEngage, OptinMonster and TrustPulse fingerprinted logged-in admins before silently provisioning rogue accounts and a stealth plugin.

FlutterShell: A macOS Backdoor Wrapped in Flutter, Dropped by Ad Clicks
Unit 42 traces a malvertising operation to the same crew behind JSCoreRunner, this time hiding a backdoor inside Flutter-built Mac apps.