惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Microsoft Azure Blog
Microsoft Azure Blog
Google Online Security Blog
Google Online Security Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Simon Willison's Weblog
Simon Willison's Weblog
T
Threat Research - Cisco Blogs
C
CXSECURITY Database RSS Feed - CXSecurity.com
L
Lohrmann on Cybersecurity
www.infosecurity-magazine.com
www.infosecurity-magazine.com
Forbes - Security
Forbes - Security
P
Palo Alto Networks Blog
Schneier on Security
Schneier on Security
S
Schneier on Security
T
Tor Project blog
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
WordPress大学
WordPress大学
The Hacker News
The Hacker News
Hacker News - Newest:
Hacker News - Newest: "LLM"
罗磊的独立博客
Application and Cybersecurity Blog
Application and Cybersecurity Blog
F
Fortinet All Blogs
博客园 - 三生石上(FineUI控件)
小众软件
小众软件
C
Check Point Blog
Stack Overflow Blog
Stack Overflow Blog
Blog — PlanetScale
Blog — PlanetScale
雷峰网
雷峰网
S
Security @ Cisco Blogs
PCI Perspectives
PCI Perspectives
Spread Privacy
Spread Privacy
W
WeLiveSecurity
SecWiki News
SecWiki News
A
About on SuperTechFans
H
Help Net Security
博客园 - 司徒正美
Recent Commits to openclaw:main
Recent Commits to openclaw:main
爱范儿
爱范儿
S
Securelist
M
MIT News - Artificial intelligence
云风的 BLOG
云风的 BLOG
月光博客
月光博客
Jina AI
Jina AI
博客园 - 叶小钗
Vercel News
Vercel News
阮一峰的网络日志
阮一峰的网络日志
Recent Announcements
Recent Announcements
S
Secure Thoughts
The Cloudflare Blog
美团技术团队
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More

Malpedia Library (Latest)

Unmasking The 64-bit Variant of the Infamous Lumma Stealer North Korea-Nexus Threat Actor Compromises Widely Used Axios NPM Package in Supply Chain Attack ProxyBox: Socks5Systemz Lives On All thriller, no (malware) filler APT28 exploit routers to enable DNS hijacking operations Iranian-Affiliated Cyber Actors Exploit Programmable Logic Controllers Across US Critical Infrastructure sysinfo stealer via VirusTotal API. Simple C example Deep Technical Analysis Of Payload Ransomware Targeting ESXi Environment Active Magecart Campaign Targets Spain, Steals Card Data via Hijacked eStores for Bank Fraud A Multi-Vector DDoS Botnet Targeting Organizations Worldwide Detect SnappyClient C&C Traffic Using PacketSmith + Yara-X Detection Module Russian Intelligence Services Target Commercial Messaging Application Accounts Government of Iran Cyber Actors Deploy Telegram C2 to Push Malware to Identified Targets cron jobs. Simple C example RegPhantom Backdoor Threat Analysis Re-opened applications. Simple C example Google Cloud Storage Phishing Deploying Remcos RAT a new Android RAT turning infected devices into potential residential proxy nodes MUSTANG PANDA × PLUGX - From deceptive LNK to multi-transport backdoor caffeinate LOLBin. Simple C example How UNC6692 Employed Social Engineering to Deploy a Custom Malware Suite The Group Theory Inside Bedep's DGA Void Dokkaebi Uses Fake Job Interview Lure to Spread Malware via Code Repositories WannaCry Malware Analysis - How YOU Could have Saved the World How 109 Fake GitHub Repositories Delivered SmartLoader and StealC Mobile malware development trick 3. CPU info logger: anti-VM and anti-sandbox. Simple Android (Kotlin) example. We Dumped a Live Kimsuky C2 and Recovered Every Stage of the Kill Chain: CHM Dropper, VBScript Stager, PowerShell Keylogger Quasar Linux (QLNX) – A Silent Foothold in the Supply Chain: Inside a Full-Featured Linux RAT With Rootkit, PAM Backdoor, Credential Harvesting Capabilities [KRYBIT] – Ransomware Victim: Hacked 0APT Pro-Iranian Actor Ababil of Minab Claims Cyberattack on LA Metro (LACMTA) Lazarus Group Uses Git Hooks To Hide Malware Mystery ShadowBrokers Reference Reveals High-Precision Software Sabotage 5 Years Before Stuxnet Tweet about SpankRat Tweet about HanGhost Tweet about GeckoStealer Tweet about VoltStealer Tweet about LedgerChecker Stealer NotPetya Malware Analysis - Bye, boot partition. I'll miss you North Korea's abuse of Cloudflare Workers and Pages The Server That Was Not Just FTP Weekly Detected Threats - April 21 Where Have All the Complex Windows Malware and Their Analyses Gone? Multi-stage malware delivery campaign using SEO poisoning and serverless infrastructure Analysis on Malware that attacks Israel's Water treatment facilities LATAM Under Siege: Agent Tesla’s 18-Month Credential Theft Campaign Against Chilean Enterprises New TrickMo Variant: Device Take Over malware targeting Banking, Fintech, Wallet & Auth apps New Phishing Campaign Targets US with Credential Theft: What CISOs Need to Know osascript LOLBin. Simple C example Zynap’s Next-Gen Sandbox Redefines Automatic Malware Analysis X.com - Gen Threat Labs Tweet about Lalia Ransomware Darcula aka. "Magic Cat" Fake installer ships Rust Infostealer Trojanized MS Teams Installers Deliver Multi-Stage Loader and Backdoor MustangPanda New Backdoor LotusLite Analyzing Void Dokkaebi’s Cython-Compiled InvisibleFerret Malware Fake Microsoft Teams download sites are being used to deliver ValleyRAT via DLL sideloading MUSTANG PANDA x PLUGX - Analysis of the January 2026 sample: a multi-layer execution chain Pivoting on a malspam infrastructure delivering JS malware backed by bulletproof networks Inside Red Lamassu’s JFMBackdoor Fresh mischief and digital shenanigans Anatomy of a nation-state botnet THUS SPOKE…THE GENTLEMEN Industrialized Smishing Infrastructure Targeting the UAE and Singapore Transportation, Government, and Logistics Sectors TCLBANKER: Brazilian Banking Trojan Spreading via WhatsApp and Outlook Detecting Nimbus Manticore and their sideloading infection chains Famous Chollima Targets PHP Developers Through Compromised Packagist Package Malware shellcode delivery via signal Fast and Furious – Nimbus Manticore Operations During the Iranian Conflict Inside the Cross-Platform Propagation of a New Gafgyt Variant C0XMO Believe me I am MustangPanda UNK_DeadDrop Phishing Campaign Targets Developers to Steal Cryptocurrency Graph ML PyPI Packages Deploy Cross-Platform Memory Scrapers, AI Analyst Misdirection, and a Wiper Deterrent Lazarus Group's Latest: Brandjacking Campaign on npm Miasma Worm Campaign Spreads with New PyPI Wave The HazyBeacon Protocol – How Malware Weaponizes Amazon Web Services (AWS) Lambda Function URLs Russian spy agency says foreign spies turned officials' smartphones into surveillance devices Evolutions from 2024 to 2026 DriveSurge Turns Trusted Websites Into ClickFix Malware Traps A Russia-nexus group leveraging AI across state-aligned operations A Russia-nexus group leveraging AI across state-aligned operations Sapphire Sleet Targets macOS in Multi-Stage Intrusion Campaign Billions At Stake At The World’s Largest Football Tournament A New Threat Actor Targeting the Cryptocurrency Industry's Software Development Infrastructure I Installed a Fake Resident Evil Mod and Got Pwnd SilabRAT, What’s Your Power? ESET APT Activity Report Q4 2025–Q1 2026 Anatomy of a Deno-Based Proxy & RAT How Threat Actors Are Abusing Microsoft Teams and Google Drive to Deploy a Java RAT astro.config.mjs Supply Chain Attack via Blockchain C2 The Suspected Chinese Crime Group is Going Global Bulletproof Hosting: Cutting off the facilitators CVE-2026-34197:Apache ActiveMQ Residential Proxies in the Wild Who Are The Victims of Residential Proxies? International law enforcement initiate hunt on malware group SocGholish When Your Smart TV Stops Being Yours analysis of a new loader distributing CASTLESTEALER MalwareBazaar | SolarisLoader From PostCSS Masquerading to Windows RAT
PAM module injection. Simple C example
Fraunhofer FKIE · 2026-04-12 · via Malpedia Library (Latest)

MacOS malware persistence 6: PAM module injection. Simple C example

Author(s): cocomelonc
Organization: cocomelonc


Related Articles

2026-05-24cocomelonccocomelonc
Malware shellcode delivery via signal - part 1. FSK Basics. Simple python script
2026-04-27cocomelonccocomelonc
MacOS malware persistence 11: osascript LOLBin. Simple C example
OSAMiner
2026-04-23cocomelonccocomelonc
MacOS malware persistence 10: caffeinate LOLBin. Simple C example