#webshell — Public Fediverse posts

Cookie-gesteuerte PHP-Webshells: Wie Angreifer Linux-Hosting-Server heimlich kompromittieren

Sicherheitsforscher von Microsoft beobachten eine zunehmend verbreitete Angriffsmethode auf Linux-Hosting-Umgebungen: PHP-basierte Webshells, die HTTP-Cookies als Steuerkanal nutzen.

https://www.all-about-security.de/cookie-gesteuerte-php-webshells-wie-angreifer-linux-hosting-server-heimlich-kompromittieren/

#microsoft #linux #php #cookies #webshell

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

😱 Breaking news: Someone discovered a #webshell and a normal file share an MD5 hash! 🚨 Stop the presses, this changes everything! Meanwhile, #GitHub is busy deploying #AI to write better code while nobody noticed the hash collision between a sandwich and a rock. 🍔🗿
https://github.com/phith0n/collision-webshell #BreakingNews #HashCollision #CodeSecurity #HackerNews #ngated

😱 Breaking news: Someone discovered a #webshell and a normal file share an MD5 hash! 🚨 Stop the presses, this changes everything! Meanwhile, #GitHub is busy deploying #AI to write better code while nobody noticed the hash collision between a sandwich and a rock. 🍔🗿
https://github.com/phith0n/collision-webshell #BreakingNews #HashCollision #CodeSecurity #HackerNews #ngated

😱 Breaking news: Someone discovered a #webshell and a normal file share an MD5 hash! 🚨 Stop the presses, this changes everything! Meanwhile, #GitHub is busy deploying #AI to write better code while nobody noticed the hash collision between a sandwich and a rock. 🍔🗿
https://github.com/phith0n/collision-webshell #BreakingNews #HashCollision #CodeSecurity #HackerNews #ngated

😱 Breaking news: Someone discovered a #webshell and a normal file share an MD5 hash! 🚨 Stop the presses, this changes everything! Meanwhile, #GitHub is busy deploying #AI to write better code while nobody noticed the hash collision between a sandwich and a rock. 🍔🗿
https://github.com/phith0n/collision-webshell #BreakingNews #HashCollision #CodeSecurity #HackerNews #ngated

A webshell and a normal file that have the same MD5

https://github.com/phith0n/collision-webshell

#HackerNews #webshell #MD5collision #cybersecurity #GitHub #hacking #securityresearch

A webshell and a normal file that have the same MD5

https://github.com/phith0n/collision-webshell

#HackerNews #webshell #MD5collision #cybersecurity #GitHub #hacking #securityresearch

A webshell and a normal file that have the same MD5

https://github.com/phith0n/collision-webshell

#HackerNews #webshell #MD5collision #cybersecurity #GitHub #hacking #securityresearch

A webshell and a normal file that have the same MD5

https://github.com/phith0n/collision-webshell

#HackerNews #webshell #MD5collision #cybersecurity #GitHub #hacking #securityresearch

A webshell and a normal file that have the same MD5

https://github.com/phith0n/collision-webshell

#HackerNews #webshell #MD5collision #cybersecurity #GitHub #hacking #securityresearch

Pakistani ISP Skyfi Network Allegedly Breached – Full System Access Sold Online https://dailydarkweb.net/pakistani-isp-skyfi-network-allegedly-breached-full-system-access-sold-online/ #networksecurity #DataBreaches #SkyfiNetwork #cyberattack #threatactor #databreach #Pakistan #webshell #ISP

Pakistani ISP Skyfi Network Allegedly Breached – Full System Access Sold Online https://dailydarkweb.net/pakistani-isp-skyfi-network-allegedly-breached-full-system-access-sold-online/ #networksecurity #DataBreaches #SkyfiNetwork #cyberattack #threatactor #databreach #Pakistan #webshell #ISP

Pakistani ISP Skyfi Network Allegedly Breached – Full System Access Sold Online https://dailydarkweb.net/pakistani-isp-skyfi-network-allegedly-breached-full-system-access-sold-online/ #networksecurity #DataBreaches #SkyfiNetwork #cyberattack #threatactor #databreach #Pakistan #webshell #ISP

Pakistani ISP Skyfi Network Allegedly Breached – Full System Access Sold Online https://dailydarkweb.net/pakistani-isp-skyfi-network-allegedly-breached-full-system-access-sold-online/ #networksecurity #DataBreaches #SkyfiNetwork #cyberattack #threatactor #databreach #Pakistan #webshell #ISP

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

Ghana Postal Service Allegedly Breached – Database and System Access for Sale https://dailydarkweb.net/ghana-postal-service-allegedly-breached-database-and-system-access-for-sale/ #UnauthorizedAccesses #GhanaPostalService #CyberSecurity #databaseleak #threatactor #databreach #webshell #Ghana

Ghana Postal Service Allegedly Breached – Database and System Access for Sale https://dailydarkweb.net/ghana-postal-service-allegedly-breached-database-and-system-access-for-sale/ #UnauthorizedAccesses #GhanaPostalService #CyberSecurity #databaseleak #threatactor #databreach #webshell #Ghana

Ghana Postal Service Allegedly Breached – Database and System Access for Sale https://dailydarkweb.net/ghana-postal-service-allegedly-breached-database-and-system-access-for-sale/ #UnauthorizedAccesses #GhanaPostalService #CyberSecurity #databaseleak #threatactor #databreach #webshell #Ghana

Ghana Postal Service Allegedly Breached – Database and System Access for Sale https://dailydarkweb.net/ghana-postal-service-allegedly-breached-database-and-system-access-for-sale/ #UnauthorizedAccesses #GhanaPostalService #CyberSecurity #databaseleak #threatactor #databreach #webshell #Ghana

🚨 CRITICAL CVE-2025-28951: CreedAlly Bulk Featured Image (≤1.2.1) vulnerability lets attackers upload web shells via unrestricted file uploads. Review deployments, restrict uploads, and monitor now. https://radar.offseq.com/threat/cve-2025-28951-cwe-434-unrestricted-upload-of-file-4dd0578c #OffSeq #WordPress #Vuln #WebShell

🚨 CRITICAL CVE-2025-28951: CreedAlly Bulk Featured Image (≤1.2.1) vulnerability lets attackers upload web shells via unrestricted file uploads. Review deployments, restrict uploads, and monitor now. https://radar.offseq.com/threat/cve-2025-28951-cwe-434-unrestricted-upload-of-file-4dd0578c #OffSeq #WordPress #Vuln #WebShell

Offline webshell scanning tool, based on YARA rules https://github.com/ekky19/Yara-Standalone-Webshell-Scanner #DFIR #yara #webshell

Offline webshell scanning tool, based on YARA rules https://github.com/ekky19/Yara-Standalone-Webshell-Scanner #DFIR #yara #webshell

Offline webshell scanning tool, based on YARA rules https://github.com/ekky19/Yara-Standalone-Webshell-Scanner #DFIR #yara #webshell

Offline webshell scanning tool, based on YARA rules https://github.com/ekky19/Yara-Standalone-Webshell-Scanner #DFIR #yara #webshell

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

Compromised SAP NetWeaver instances are ushering in opportunistic threat actors https://www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/ #incidentresponse #enterprise #government #Don'tmiss #Forescout #Hotstuff #Mandiant #webshell #Onapsis #News #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells https://hackread.com/sap-netweaver-flaw-severity-hackers-deploy-web-shells/ #Cybersecurity #Vulnerability #SAPNetWeaver #Security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells https://hackread.com/sap-netweaver-flaw-severity-hackers-deploy-web-shells/ #Cybersecurity #Vulnerability #SAPNetWeaver #Security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells https://hackread.com/sap-netweaver-flaw-severity-hackers-deploy-web-shells/ #Cybersecurity #Vulnerability #SAPNetWeaver #Security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells https://hackread.com/sap-netweaver-flaw-severity-hackers-deploy-web-shells/ #Cybersecurity #Vulnerability #SAPNetWeaver #Security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells – Source:hackread.com https://ciso2ciso.com/sap-netweaver-flaw-scores-10-0-severity-as-hackers-deploy-web-shells-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #SAPNetWeaver #Hackread #security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells – Source:hackread.com https://ciso2ciso.com/sap-netweaver-flaw-scores-10-0-severity-as-hackers-deploy-web-shells-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #SAPNetWeaver #Hackread #security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells – Source:hackread.com https://ciso2ciso.com/sap-netweaver-flaw-scores-10-0-severity-as-hackers-deploy-web-shells-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #SAPNetWeaver #Hackread #security #WebShell #SAP

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells – Source:hackread.com https://ciso2ciso.com/sap-netweaver-flaw-scores-10-0-severity-as-hackers-deploy-web-shells-sourcehackread-com/ #1CyberSecurityNewsPost #CyberSecurityNews #cybersecurity #Vulnerability #SAPNetWeaver #Hackread #security #WebShell #SAP

found this malware on my friend's site. checking on it and the original file looks so messy. vim can do `gg=G` to forcing re-indentation of the messed php file with html inside it >.<
#webshell

Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper  – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT

Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper  – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT

Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper  – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT

Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper  – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT