The US Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory detailing the malware, dubbed “Whirlpool.” It claimed the backdoor established a TLS reverse shell to a command-and-control (C2) server.