Security researchers have identified new Windows-based variants of the SprySOCKS malware, which was previously known only as a Linux-based threat. Attributed to the Earth Lusca threat group, these variants have been deployed in cyberattacks against government organizations across multiple countries. The malware now exists in two distinct forms: a feature-rich version called WIN_DRV and a lighter backdoor known as WIN_PLUS.

Source

The Arch Linux security team has disabled new account registrations for the Arch User Repository (AUR) following a large-scale supply chain compromise. Attackers hijacked or created over 1,500 community-maintained packages to deliver malicious payloads, including information stealers and eBPF-based rootkits. While the community-driven AUR was heavily targeted, the official core repositories remained unaffected due to their more stringent review processes.

Source