Get the latest tech news

MakuluLinux (6.4M Downloads) Ships Persistent Backdoor from Developer's Own C2

← Back to WeRAI MakuluLinux Ships a Persistent Backdoor in Every Installation Severity: CRITICAL | Disclosure Date: January 28, 2026 | Discovered by Steven Stobo (WeRAI / Haven AI) The MakuluLinux operating system installs a binary that establishes a persistent connection to a command-and-control server owned by the developer. This is not a third-party compromise.

None

Get the Android app