Lucene search
K

8 matches found

Positive Technologies
Positive Technologies
added 2025/04/07 12:0 a.m.7 views

PT-2025-15232

Name of the Vulnerable Software and Affected Versions Langflow versions prior to 1.3.0 Description Langflow is susceptible to unauthenticated remote code execution due to missing authentication in the HTTP Request Handler. A remote attacker can send crafted HTTP requests to the...

9.8CVSS8.2AI score0.9999EPSS
Exploits33References436
The Hacker News
The Hacker News
added 2023/10/12 11:27 a.m.46 views

ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers

The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2023/03/21 11:41 a.m.80 views

New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers

Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLa...

7AI score
Exploits0
Microsoft Malware Protection
Microsoft Malware Protection
added 2022/05/19 4:0 p.m.42 views

Rise in XorDdos: A deeper look at the stealthy DDoS malware targeting Linux devices

In the last six months, we observed a 254% increase in activity from a Linux trojan called XorDdos. First discovered in 2014 by the research group MalwareMustDie, XorDdos was named after its denial-of-service-related activities on Linux endpoints and servers as well as its usage of XOR-based...

7.8AI score
Exploits0
The Hacker News
The Hacker News
added 2022/05/19 5:48 a.m.175 views

VMware Releases Patches for New Vulnerabilities Affecting Multiple Products

VMware has issued patches to contain two security flaws impacting Workspace ONE Access, Identity Manager, and vRealize Automation that could be exploited to backdoor enterprise networks. The first of the two flaws, tracked as CVE-2022-22972 CVSS score: 9.8, concerns an authentication bypass that...

10CVSS1.9AI score0.99997EPSS
Exploits97
Talos Blog
Talos Blog
added 2019/02/26 10:56 a.m.1202 views

Cisco Talos Honeypot Analysis Reveals Rise in Attacks on Elasticsearch Clusters

Christopher Evans of Cisco Talos conducted the research for this post. Executive Summary Cisco Talos warns users that they need to keep a close eye on unsecured Elasticsearch clusters. We have recently observed a spike in attacks from multiple threat actors targeting these clusters. These attacke...

7.5CVSS0.2AI score0.99993EPSS
Exploits129
HackRead
HackRead
added 2018/10/22 5:33 p.m.25 views

Vesta control panel servers infected with DDoS malware after supply chain attack

By Waqas An open-source hosting panel software provider, Vesta Control Panel VestaCP, has admitted that the company became a victim of a supply chain attack. In an announcement made by VestaCP on its forum, it was revealed that the hacker managed to contaminate the source code of its project with...

2.4AI score
Exploits0
ThreatPost
ThreatPost
added 2012/10/17 6:11 p.m.7 views

Nitol Botnet Shares Code with Other China-Based DDoS Malware

Microsoft has learned that much of the code used by the Nitol malware family is copied from free malware resources hosted on Chinese websites. Microsoft posted portions of the code online this week where similar lines used for denial of service attack functionality are present in Nitol and on the...

0.4AI score
Exploits0References7
Rows per page
Query Builder