Quasar Linux RAT Steals Developer Credentials for Software Supply Chain Compromise

Friday, May 8, 2026 at 11:00 AM UTC·Source: The Hacker News

Updated: Friday, May 8, 2026 at 12:00 PM UTC

Executive Summary

A previously undocumented Linux implant codenamed Quasar Linux RAT (QLNX) is targeting developers' systems to establish a silent foothold as well as facilitate a broad range of post-compromise functionality, such as credential harvesting, keylogging, file manipulation, clipboard monitoring, and network tunneling. "QLNX targets developers and DevOps credentials across the software supply chain,"

Analysis

Source Attribution

Originally published by The Hacker News on May 8, 2026.

Related Threats

MEDIUMSupply Chain

Mastercard launches SME resilience programme in MENA

Mastercard has launched Built Small. Moving Strong, a regional resilience program designed to support small and medium-sized enterprises (SMEs) as they navigate a challenging operating environment marked by supply chain disruption and tightening financial conditions.

3h agoFinextra

CRITICALSupply Chain

Your refresh plan has a CVE blind spot

The conversation is straightforward, but the problem behind it is not. The customer bought servers in 2017 and typically refresh every five to six years. Generally, around the 2022 to 2023 timeframe, they would have looked to buy new. Historically, that is what would have happened. But COVID hit, and there were supply chain constraints during COVID. The original end-of-life notice that would have

4h agoCSO Online

MEDIUMSupply Chain

Vendor Says Daemon Tools Supply Chain Attack Contained

The software developer has identified the impacted systems, removed potentially compromised files, and validated installation packages. The post Vendor Says Daemon Tools Supply Chain Attack Contained appeared first on SecurityWeek .

1d agoSecurityWeek