Add your product or open-source project on TechLogHub
Listing is free. Sponsored featured placements are paid and priced in USD — open the pricing dialog to see plan details.
Explore software products worth tracking, open-source projects worth studying, and blog coverage that helps builders spot useful tools and ideas sooner.
Analysis, product insight, and practical reads for builders

Trend Micro researchers have uncovered Quasar Linux (QLNX), a stealthy new Linux malware implant that targets software developers' environments (npm, PyPI, GitHub, AWS, Docker, Kubernetes) and signals a potential supply-chain attack vector. QLNX combines rootkit, backdoor, and credential-stealing capabilities to achieve long-term, fileless persistence, relying on in-memory execution, log deletion, process-name spoofing, and forensic data clearing. It uses seven persistence mechanisms, including LD_PRELOAD, systemd, crontab, init.d, XDG autostart, and .bashrc injection, to ensure it loads across dynamically linked processes. The malware is built from modular blocks: a 58-command RAT core, a dual-layer rootkit (userland LD_PRELOAD and kernel eBPF), credential harvesting (SSH keys, cloud/config files, PAM backdoors), surveillance (keylogging, screenshots), networking and lateral movement, in-memory execution/injection, and real-time filesystem monitoring. By targeting developer workstations, QLNX aims to bypass enterprise defenses and access the credentials underpinning software delivery pipelines. IoCs are provided, but attribution and deployment scope remain unclear.

The extortion group ShinyHunters claims to have stolen 280 million records from 8,809 schools and education platforms via Instructure's Canvas, exposing students’ and staff’s names, emails, and private messages. Some institutions confirm investigations, but Instructure has not publicly commented and the scope of impacted organizations remains unverified.

Kaspersky reports a supply-chain attack that trojanized DAEMON Tools installers, delivering a backdoor to thousands of systems worldwide since April 8, 2026. The first-stage malware acts as an information stealer, while some victims received a second-stage payload, a lightweight backdoor capable of executing commands and downloading files, sometimes in memory. In at least one case, a more advanced QUIC RAT was deployed against a Russian educational institution. The campaign affected users in over 100 countries, but second-stage payloads went to about a dozen high-value targets in sectors such as retail, science, government, and manufacturing in Russia, Belarus, and Thailand. Affected DAEMON Tools versions span 12.5.0.2421–12.5.0.2434, and the affected files include DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. The attack is ongoing as of May 5, 2026. Organizations should audit systems with DAEMON Tools installed since April 8 and bolster supply-chain defenses.

A Taiwanese university student was arrested for hacking the Taiwan High-Speed Rail’s TETRA system, using software-defined radios and handheld radios to transmit a high-priority alarm that caused four THSR trains to halt for 48 minutes on April 5. An accomplice aided the plot. The 23-year-old faces up to 10 years’ imprisonment and was released on NT$100,000 bail.