The Chinese-linked group Mustang Panda used a kernel-level rootkit to deploy undetectable TONESHELL malware, targeting ...
Abstract: A rootkit is a malicious programme created to load and operate directly from the operating system kernel. Kernel-mode rootkits, also referred to as rootkits that operate in the kernel, have ...
Threat actors are exploiting CVE-2025-20352, a recent Cisco zero-day, to deploy a rootkit on older networking devices. Older Cisco devices unpatched against a recent zero-day vulnerability have been ...
A campaign that exploited a Cisco Simple Network Management Protocol vulnerability to install Linux rootkits on exposed network devices has been observed. The exploit, tracked as CVE-2025-20352 and ...
Fake installers distributed through Chinese-language websites are infecting users with a remote access trojan (RAT) and a rootkit, Netskope reports. Masquerading as legitimate software, such as WPS ...
Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. As if Windows users need any more bad news on the security ...
A new loadable kernel module (LKM) rootkit has been spotted in the wild compromising Linux systems with advanced stealth and privilege escalation features. PUMAKIT, as it is called by the Elastic Security ...
A new Linux rootkit malware called Pumakit has been discovered that uses stealth and advanced privilege escalation techniques to hide its presence on systems. The malware is a multi-component set that ...
A new malicious campaign is using a legitimate but old and vulnerable Avast Anti-Rootkit driver to evade detection and take control of the target system by disabling security components. The malware ...
Today, I want to tell you about a tool that should interest you, especially if you’re a bit paranoid (like me). It’s called OpenArk, an open-source anti-rootkit for Windows. But first, what exactly is ...