BleepingComputer reports that internet-facing Linux and Internet of Things devices have been targeted by brute-force attacks involving the distribution of a trojanized OpenSSH package to facilitate compromise and SSH credential exfiltration.
Article Link: Trojanized OpenSSH used in Linux, IoT device compromise | SC Media