Cybersecurity researchers have disclosed a Linux malware called Showboat that has been used in attacks against a telecommunications provider in the Middle East since at least mid-2022. The malware is a modular post-exploitation framework capable of spawning remote shells, transferring files, and functioning as a SOCKS5 proxy.