This article details a vulnerability in Triofox that allowed unauthenticated remote access, enabling attackers to bypass authentication and execute arbitrary code. Mandiant discovered that this flaw was exploited by a threat group, allowing them to create admin accounts and run malicious scripts. The issue has been patched in newer versions of the software.

A new Linux malware called "Plague" has been discovered, allowing attackers persistent SSH access while evading traditional detection methods for over a year. It employs advanced obfuscation techniques and environment tampering to eliminate traces of malicious activity, making it particularly difficult to identify and analyze. Researchers emphasize its sophisticated nature and the ongoing threat it poses to Linux systems.