BOSS Linux
-
Researchers find 10 typosquatted npm packages delivering cross‑platform credential stealer
Researchers reported a set of 10 typosquatted npm packages, uploaded on July 4, 2025 and downloaded over 9,900 times, that deploy an obfuscated, multi-stage information stealer which harvests credentials from browsers and system keyrings on Windows, Linux and macOS.
-
APT36 uses Golang DeskRAT in spear‑phishing campaign against Indian government targets
Security researchers reported that APT36 (Transparent Tribe) used spear‑phishing to deliver a Golang remote access trojan called DeskRAT against Indian government targets, with the campaign targeting BOSS Linux, using multiple persistence methods and WebSocket C2.
-
Emerging Gunra Ransomware Expands Threat Landscape with New Linux Variant
The Gunra ransomware family has evolved with a new Linux variant featuring advanced encryption techniques that enable attackers to run multiple parallel encryptions. This development raises new security concerns and underscores a broader trend of ransomware groups expanding their cross-platform targeting capabilities.
-
Pakistan-based Cyber Espionage Group Targets Indian Defence with New Linux Malware
A recent cyber espionage operation by the Pakistan-based group APT36 is targeting Indian defence personnel using sophisticated Linux malware that exploits phishing tactics and malicious software designed specifically for Linux environments.
