Cybersecurity researchers have discovered a new Linux backdoor called PamDOORa that targets SSH credentials by exploiting PAM modules, which are Linux's authentication framework. The malware allows attackers to steal login credentials while maintaining persistent access to compromised systems, making it particularly dangerous for server environments. Security experts warn that this represents an increasingly sophisticated approach to credential theft on Linux systems, with organizations urged to monitor their PAM modules for unauthorized modifications.