A recently-discovered Linux rootkit dubbed “VENOM” was announced by researchers at CERN earlier this week, and is believed to have been used by malicious actors as early as October 2016.
VENOM allows attackers to maintain unauthorized access to compromised Linux servers by implementing backdoor communication and remote code execution functionality.
You can read more information about the VENOM rootkit on CERN's Security Advisory.