Hades PyPI Attack: 19 Packages Poisoned to Auto-Run Bun Credential Stealer

The Miasma supply chain campaign has sparked a fresh attack wave called Hades , this time involving 37 malicious wheel artifacts across 19 packages in the Python Package Index PyPI registry, as the Mini Shai-Hulud-style attacks continue to be refined and splintered to target specific ecosystems...

Hades-C2 - Hades Basic Command And Control Server

Hades is a basic Command & Control server built using Python. It is currently extremely bare bones, but I plan to add more features soon. Features are a work in progress currently. This is a project made mostly for me to learn Malware Development, Sockets, and C2 infrastructure setups. Currently,...

Evil Corp Cybercrime Group Shifts to LockBit Ransomware to Evade Sanctions

The threat cluster dubbed UNC2165, which shares numerous overlaps with a Russia-based cybercrime group known as Evil Corp, has been linked to multiple LockBit ransomware intrusions in what's seen as an attempt by the latter to get around sanctions imposed by the U.S. Treasury in December 2019...

Evil Corp Pivots LockBit to Dodge U.S. Sanctions

Evil Corp has shifted tactics once again, this time pivoting to LockBit ransomware after U.S. sanctions have made it difficult for the cybercriminal group to reap financial gain from its activity, researchers have found. Researchers from Mandiant Intelligence have been tracking a “financially...

Hades RAT Web Panel Cross Site Scripting Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24C.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Remote Persistent XSS Family: Hades Type: WebUI MD5: c4cc1317aea42f7dd4a1b786c5278a24 MD5:...

Hades RAT Web Panel Information Disclosure Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24B.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Information Disclosure Description: The Hades Rat web-panel listens on Port 80. There is no authentication check or...

Hades RAT Web Panel Insecure Credential Storage Vulnerability

Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt Contact: email protected Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Insecure Credential Storage Family: Hades Type: WebUI MD5: c4cc1317aea42f7dd4a1b786c5278a24 MD5:...

Hades RAT Web Panel Information Disclosure

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24B.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Information Disclosure Description: The Hades Rat web-panel...

Hades RAT Web Panel Insecure Credential Storage

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Insecure Credential Storage Family: Hades Type: WebUI MD5:...

Hades RAT Web Panel Cross Site Scripting

Discovery / credits: Malvuln - malvuln.com c 2022 Original source: https://malvuln.com/advisory/c4cc1317aea42f7dd4a1b786c5278a24C.txt Contact: [email protected] Media: twitter.com/malvuln Threat: Hades RAT - Web Panel Vulnerability: Remote Persistent XSS Family: Hades Type: WebUI MD5:...

Experts Shed Light On Distinctive Tactics Used by Hades Ransomware

Cybersecurity researchers on Tuesday disclosed "distinctive" tactics, techniques, and procedures TTPs adopted by operators of Hades ransomware that set it apart from the rest of the pack, attributing it to a financially motivated threat group called GOLD WINTER. "In many ways, the GOLD WINTER...

hades-presse.com Cross Site Scripting vulnerability

Security Researcher Hchabik Helped patch 2349 vulnerabilities Received 5 Coordinated Disclosure badges Received 2 recommendations , a holder of 5 badges for responsible and coordinated disclosure, found a security vulnerability affecting hades-presse.com website and its users. Following coordinat...

APT review of the year

What were the most interesting developments in terms of APT activity throughout the year and what can we learn from them? Not an easy question to answer; everybody has partial visibility and it's never possible to really understand the motivations of some attacks or the developments behind them...

WordPress 0day - Hades Plus Framework Add Administrator

Exploit for php platform in category web applications Exploit Title : WordPress 0day - Hades Plus Framework Add Administrator Exploit Author : NULLPointer Date : 18/09/2014 Version: 6.2 Tested on : Linux, Windows 7 -------------------------------------------------------------- WordPress Hades...

Archin WordPress Theme 3.2 Unauthenticated Configuration Access

No description provided by source. Exploit Title: Archin WordPress Theme Unauthenticated Configuration Access Date: Sept 29, 2012 Exploit Author: bwall @bwallHatesTwits Vendor Homepage: http://themeforest.net/user/wptitans Software Link:...

WordPress Theme Archin 3.2 - Configuration Access

Exploit Title: Archin WordPress Theme Unauthenticated Configuration Access Date: Sept 29, 2012 Exploit Author: bwall @bwallHatesTwits Vendor Homepage: http://themeforest.net/user/wptitans Software Link: http://themeforest.net/item/archin-premium-wordpress-business-theme/239432 Version: 3.2 Tested...

Archin WordPress Theme Unauthenticated Configuration Access

Exploit for php platform in category web applications Exploit Title: Archin WordPress Theme Unauthenticated Configuration Access Date: Sept 29, 2012 Exploit Author: bwall @bwallHatesTwits Vendor Homepage: http://themeforest.net/user/wptitans Software Link:...

Unfixed XSS vulnerability at cercador.gencat.cat

Security researcher hades, has submitted on 10/07/2009 a cross-site-scripting XSS vulnerability affecting cercador.gencat.cat, which at the time of submission ranked 6814 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 11/12/2011. It is current...

Unfixed XSS vulnerability at www.unitech-international.org

Security researcher hades, has submitted on 25/02/2009 a cross-site-scripting XSS vulnerability affecting www.unitech-international.org, which at the time of submission ranked 3939552 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 01/07/2009. ...

Unfixed XSS vulnerability at www.grupmassoler.com

Security researcher hades, has submitted on 22/01/2009 a cross-site-scripting XSS vulnerability affecting www.grupmassoler.com, which at the time of submission ranked 0 on the web according to Alexa. We manually validated and published a mirror of this vulnerability on 29/06/2009. It is currently...