indicatorfilename
/tmp/.sshd
- First seen
- 2026-05-23
- Last seen
- 2026-05-23
- Sightings
- 1
Posts referencing this indicator
- Malicious Postinstall Hook Found Across 700+ GitHub Repositories, Including Packagist and Node.js Projects
Hidden file path where the downloaded malicious binary is saved and executed.