#webshell — Public Fediverse posts

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hostingenvironments - https://www.redpacketsecurity.com/cookie-controlled-php-webshells-a-stealthy-tradecraft-in-linux-hostingenvironments/

#threatintel
#webshell
#php
#linux-hosting
#persistence
#cron

😱 Breaking news: Someone discovered a #webshell and a normal file share an MD5 hash! 🚨 Stop the presses, this changes everything! Meanwhile, #GitHub is busy deploying #AI to write better code while nobody noticed the hash collision between a sandwich and a rock. 🍔🗿
https://github.com/phith0n/collision-webshell #BreakingNews #HashCollision #CodeSecurity #HackerNews #ngated

NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775) https://www.helpnetsecurity.com/2025/08/26/netscaler-adc-gateway-zero-day-exploited-by-attackers-cve-2025-7775/ #Don'tmiss #NetScaler #Hotstuff #backdoor #webshell #Citrix #0-day #News

Ghana Postal Service Allegedly Breached – Database and System Access for Sale https://dailydarkweb.net/ghana-postal-service-allegedly-breached-database-and-system-access-for-sale/ #UnauthorizedAccesses #GhanaPostalService #CyberSecurity #databaseleak #threatactor #databreach #webshell #Ghana

Weaver Ant Attack Detection: China-Linked Group Targets a Telecom Provider in Asia Using Multiple Web Shells, Including China Chopper  – Source: socprime.com https://ciso2ciso.com/weaver-ant-attack-detection-china-linked-group-targets-a-telecom-provider-in-asia-using-multiple-web-shells-including-china-chopper-source-socprime-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #CyberEspionage #Latestthreats #ChinaChopper #socprimecom #WeaverAnt #socprime #webshell #Blog #APT

#webshell #opendir #netsupport #rat at:

https://appointedtimeagriculture\.com/wp-includes/blocks/post-content/

GatewayAddress=95.179.158.213:443
RADIUSSecret=dgAAAPpMkI7ke494fKEQRUoablcA

Podatności o niskim ryzyku, a jednak dały RCE – zobacz wektor ataku jaki odnaleźliśmy z naszego ostatniego pentestu

W pracy pentestera bardzo często spotykamy się z podatnościami, które same w sobie niosą niskie lub średnie ryzyko. Ich wykorzystanie do niecnych celów przez atakującego wymaga spełnienia szeregu warunków, nierzadko bardzo trudnych do osiągnięcia – na przykład kliknięcie przez użytkownika w spreparowany i podesłany mu link. Im bardziej wyśrubowane warunki,...

#Aktualności #Cve #Lfd #Pentesty #Rce #SQLInjection #Webshell

https://sekurak.pl/podatnosci-o-niskim-ryzyku-a-jednak-daly-rce-zobacz-wektor-ataku-jaki-odnalezlismy-z-naszego-ostatniego-pentestu/

Chinese APT40 group swifly leverages public PoC exploits https://www.helpnetsecurity.com/2024/07/09/apt40-poc-exploits/ #webapplication #Don'tmiss #Australia #Hotstuff #webshell #China #News #CISA #APT #PoC

Popping webshells and slashers #hackingandhorrormovies #hacking #hacker #Metasploit #metasploitable2 #webshell #php #z0ds3c #horror #80shorror #halloween4

L'ANSSI a constaté sur les systèmes compromis l'existence d'une porte dérobée de type webshell, déposée sur plusieurs serveurs Centreon exposés sur internet. Cette porte dérobée a été identifiée comme étant le webshell P.A.S. dans sa version 3.1.4. Sur ces mêmes systèmes, l’ANSSI a identifié la présence d'une autre porte dérobée nommée Exaramel par l’éditeur ESET.

📎 (PDF:FR) https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-004.pdf

#WEBSHELL #BACKDOOR #CENTREON #EXARAMEL #SANDWORM #CYBER #THREAT #INFORMATIQUE

ANSSI discovered the presence of a backdoor in the form of a webshell dropped on several Centreon servers exposed to the internet. This backdoor was identified as being the P.A.S. webshell, version number 3.1.4. On the same servers, ANSSI found another backdoor identical to one described by ESET and named Exaramel.

📎 (PDF:EN) https://www.cert.ssi.gouv.fr/uploads/CERTFR-2021-CTI-005.pdf