{
  "$type": "site.standard.document",
  "bskyPostRef": {
    "cid": "bafyreibiolaveosxbpf3tifbobrfdccdasbsmzsqnyjmk6azvty7xed7ya",
    "uri": "at://did:plc:ghkvexthfanuyq7fb5veq6tw/app.bsky.feed.post/3mlds2fkgowe2"
  },
  "coverImage": {
    "$type": "blob",
    "ref": {
      "$link": "bafkreibsaxwj6unqsmrdih27igi2bulsu6rkbrepvbxe7upbzfg2szwl4i"
    },
    "mimeType": "image/jpeg",
    "size": 731576
  },
  "path": "/2026/05/new-linux-pamdoora-backdoor-uses-pam.html",
  "publishedAt": "2026-05-08T08:41:00.000Z",
  "site": "https://thehackernews.com",
  "textContent": "Cybersecurity researchers have disclosed details of a new Linux backdoor named PamDOORa that's being advertised on the Rehub Russian cybercrime forum for $1,600 by a threat actor called \"darkworm.\"\nThe backdoor is designed as a Pluggable Authentication Module (PAM)-based post-exploitation toolkit that enables persistent SSH access by means of a magic password and specific TCP port combination.",
  "title": "New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials"
}