New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
New ‘Plague’ PAM Backdoor Exposes Critical Linux Systems to Silent Credential Theft
02 August 2025
Cybersecurity researchers have flagged a previously undocumented Linux backdoor dubbed Plague that has managed to evade detection for a year.
"The implant is built as a malicious PAM (Pluggable Authentication Module), enabling attackers to silently bypass system authentication and gain persistent SSH access," Nextron Systems researcher Pierre-Henri Pezier said.
Pluggable Authentication Modules