QLNX: New Remote Access Trojan targets Linux developers

Quasar Linux (QLNX) is not an operating system, but a supply chain attack tool that is difficult to detect and remove.
The Hacker News

PCPJack Credential Stealer Exploits 5 CVEs to Spread Worm-Like Across Cloud Systems

PCPJack steals credentials via 6 Python modules exploiting 5 CVEs, enabling cloud spread and fraud-driven attacks.