BPFdoor Linux Backdoor

60% confidence

Description

BPFdoor is a stealth Linux backdoor engineered to operate within the operating system kernel, abusing Berkeley Packet Filter (BPF) functionality to inspect network traffic directly inside the kernel. [Auto-archived: reprocess_no_remaining_articles — 2026-04-01T21:35:21.734Z]

Affected Products

Vendor	Product	Versions
Rapid7 Labs	BPFdoor	—

Related News (1 articles)

Tier C

Rapid7 Blog6d ago

BPFdoor in Telecom Networks: Sleeper Cells in the Backbone

→ No new info (linked only)

CISA KEV❌ No

Actively exploited✅ Yes

PublishedMar 26, 2026

Last enriched1h agov2

Community Vote

0 upvotes0 downvotes

No votes yet

Version History

Last enriched 1h ago

v2Tier C1h ago

Added vendor Rapid7 Labs, product BPFdoor, updated severity to HIGH, and included new tags related to telecommunications and espionage.

vendorproductseveritytags

via Rapid7 Blog

v12h ago

Initial creation

BPFdoor Linux Backdoor

Description

Affected Products

Related News (1 articles)

Community Vote

Pin to Dashboard

Verification

Vulnerability Timeline

Version History