Linux rootkits are getting stealthier with eBPF and io_uring tricks

Linux rootkits are evolving. Security researchers at Elastic Security Labs say modern Linux malware no longer relies only on classic loadable kernel modules or simple userland tricks. Newer rootkit designs increasingly abuse eBPF and io_uring, two legitimate Linux features that can give attackers stealth, flexibility, and less visible execution paths. That shift matters because Linux […]

The post Linux rootkits are getting stealthier with eBPF and io_uring tricks appeared first on VPN Central.