Check Point Research has detected new malware, dubbed GodLoader, that targets popular open-source game engine Godot. The technique, which is undetectable by almost all antivirus software, exploits crafted GDScript to deliver malicious payloads. The attackers behind this malware have been operating since June 2024 and have infected over 17,000 machines with the potential to target 1.2 million users of Godot-devised games. The malware is delivered via the Stargazers Ghost Network, a Github network that disseminates malware as a service.
Found in the wild: The world’s first unkillable UEFI bootkit for Linux
Security firm ESET has found the first known example of a Linux UEFI bootkit, a type of malware that infects the Unified Extensible Firmware Interface.
