#backdoor
11 articles
This archive collects 13 articles tagged backdoor published between April 13, 2026 and May 14, 2026, giving security teams a focused view of how this topic has appeared across ZCyberNews coverage. Observed actor references include Silver Fox, APT41, and Harvester, presented only where the underlying article metadata supports the attribution. The affected-scope signals emphasize government, technology, and financial services across Global, India, and Russia, helping readers compare exposure patterns without adding claims beyond the archive data. Severity coverage includes 2 critical and 11 high reports.
HIGH: Silver Fox Deploys ABCDoor Malware via Tax-Themed Phishing
China-linked Silver Fox group targets Indian and Russian organizations with ABCDoor backdoor via tax-themed phishing emails in December 2025 campaign.
HIGH: Silver Fox Targets Russia, India With ABCDoor Backdoor
Silver Fox group impersonates tax authorities to deliver ValleyRAT and the new ABCDoor backdoor to organizations in Russia and India, per Kaspersky.
HIGH: FIRESTARTER Backdoor Compromised Federal Cisco Firepower Device
CISA revealed FIRESTARTER backdoor compromised a federal Cisco Firepower device running ASA software in September 2025, surviving patching and enabling persistent remote access.
HIGH: Harvester Deploys Linux GoGra Backdoor via Microsoft Graph API
The Harvester threat actor deploys a new Linux version of its GoGra backdoor, using Microsoft Graph API and Outlook mailboxes for stealthy C2 communication in attacks targeting…
HIGH: Mustang Panda Deploys New LOTUSLITE Variant Targeting Indian Banks
Mustang Panda's new LOTUSLITE variant targets Indian banks and South Korean policy circles via a dynamic DNS C2 over HTTPS, enabling remote shell access and file theft.
CRITICAL: WordPress Supply Chain Attack Infects 30+ Plugins Planted Malicious Backdoor
A malicious buyer used the Flippa marketplace to acquire a plugin developer, injecting a backdoor into over 30 WordPress plugins with hundreds of thousands of installations to deploy hidden SEO spam.
HIGH: EssentialPlugin WordPress Suite Compromised to Deploy Backdoor on Thousands of
The EssentialPlugin suite, comprising over 30 popular WordPress plugins, has been compromised to inject a backdoor granting attackers administrative access to thousands of websites. The supply chain attack is actively being exploited.
HIGH: WordPress Plugin Supply Chain Attack Deploys Backdoor After 8-Month Dormancy
A threat actor purchased a legitimate WordPress plugin business and hid a backdoor in updates for eight months before activating it, compromising thousands of sites in a sophisticated supply chain attack.
HIGH: VIPERTUNNEL Python Backdoor Evades Detection via Fake DLL and Obfuscated Loader
Threat actors deploy VIPERTUNNEL, a Python backdoor, using a fake DLL and multi-stage obfuscated loader to establish stealthy SOCKS5 proxy tunnels for persistent network access.
HIGH: APT41 Deploys Stealthy Backdoor to Harvest Cloud Credentials
China-linked threat actor APT41 is deploying a novel, low-detection backdoor against AWS, Google, Azure, and Alibaba Cloud to harvest credentials and establish persistence.
HIGH: Backdoored Smart Slider 3 Pro Update Deployed via Compromised Plugin Servers
Unknown threat actors compromised the update infrastructure for the Smart Slider 3 Pro WordPress plugin, pushing a backdoored version (3.5.1.35) to users. The attack leverages a supply chain compromise to gain administrative access.