cPanel CVE-2026-41940 Under Active Exploitation to Deploy Filemanager Backdoor

A threat actor named MrRot13 has been attributed to the exploitation of a recently disclosed critical cPanel flaw to deploy a backdoor codenamed Filemanager on compromised environments. The attack exploits CVE-2026-41940, a vulnerability impacting cPanel and WebHost Manager WHM that could result ...

Beware of Big Head Ransomware: Spreading Through Fake Windows Updates

A developing piece of ransomware called Big Head is being distributed as part of a malvertising campaign that takes the form of bogus Microsoft Windows updates and Word installers. Big Head was first documented by Fortinet FortiGuard Labs last month, when it discovered multiple variants of the...

New FiXS ATM Malware Targeting Mexican Banks

A new ATM malware strain dubbed FiXS has been observed targeting Mexican banks since the start of February 2023. "The ATM malware is hidden inside another not-malicious-looking program," Latin American cybersecurity firm Metabase Q said in a report shared with The Hacker News. Besides requiring...

Threat Roundup for October 14 to October 21

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Oct. 14 and Oct. 21. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup for September 30 to October 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Sept. 30 and Oct. 7. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Threat Roundup for July 29 to August 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between July 29 and Aug. 5. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics,...

‘Lone Wolf’ APT Uses Commodity RATs

An APT described as a “lone wolf” is exploiting a decades-old Microsoft Office flaw to deliver a barrage of commodity RATs to organizations in India and Afghanistan, researchers have found. Attackers use political and government-themed malicious domains as lures in the campaign, which targets...

Threat Roundup for March 29 to April 5

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between March 29 and April 05. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral...

Threat Roundup for Nov. 30 to Dec. 7

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Nov. 30 and Dec. 07. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavioral characteristics...

Dark Tequila Banking Malware Uncovered After 5 Years of Activity

Security researchers at Kaspersky Labs have uncovered a new, complex malware campaign that has been targeting customers of several Mexican banking institutions since at least 2013. Dubbed Dark Tequila, the campaign delivers an advanced keylogger malware that managed to stay under the radar for fi...

Threat Round-up for June 30 - July 07

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between June 30 and July 07. As with previous round-ups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key behavior characteristics,...

HERCULES - A Special Payload Generator That Can Bypass Antivirus Softwares

HERCULES is a customizable payload generator that can bypass antivirus software. INSTALLATTION SUPPORTED PLATFORMS: Operative system | Version ---|--- Ubuntu | 16.04 / 15.10 Kali linux | Rolling / Sana Manjaro | Arch Linux | Black Arch | Parrot OS | 3.1 go get github.com/fatih/color go run Setup....

PEInjector - MITM PE file infector

The executable file format on the Windows platform is PE COFF. The peinjector provides different ways to infect these files with custom payloads without changing the original functionality. It creates patches, which are then applied seamlessly during file transfer. It is very performant,...

Shellter v1.7 - Dynamic ShellCode Injector Tool

Shellter is a dynamic shellcode injection tool, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications currently 32-bit apps only. The shellcode can be something yours or something generated through a framework, such a...

Shellter - A Dynamic ShellCode Injector

Shellter is a dynamic shellcode injection tool, and probably the first dynamic PE infector ever created. It can be used in order to inject shellcode into native Windows applications currently 32-bit apps only. The shellcode can be something yours or something generated through a framework, such a...

New Pandemiya Banking Trojan Written From Scratch

Brand new, written-from-scratch malware is a relatively rare undertaking on the underground. Aside from some private endeavors, source code is available for a number of popular Trojans, including Zeus, Citadel and Carberp, making it easy for attackers to simply grab one off the shelf and get...

WebSploit Toolkit 1.6 Released

WebSploit Is An Open Source Project For Scan And Analysis Remote System From Vulnerability Description : +Autopwn - Used From Metasploit For Scan and Exploit Target Service +wmap - Scan,Crawler Target Used From Metasploit wmap plugin +format infector - inject reverse & bind payload into file form...

Trojan/Backdoor Detection - BACKDOOR Infector.1.x

Binary data 6218.prm...

Computerviren - Arten, Verfahren, Technik & Geschichte

Document Title: =============== Computerviren - Arten, Verfahren, Technik & Geschichte References: =========== https://www.vulnerability-lab.com/resources/documents/194.pdf Release Date: ============= 2011-07-17 Vulnerability Laboratory ID VL-ID: ==================================== 194 Discovery...

26 Underground Hacking Exploit Kits available for Download !

List of Hacking Exploit Kits : 1. Unknow 2. Tor 3. Target-Exploit 4. Smart pack 5. RDS 6. My poly sploit 7. multisploit 8. mypack-009 9. mypack-091 10. mypack-086 11. mypack-081 12. Mpack 13. Infector 14. Ice-pack-1 15. Ice-pack-2 16. Ice-pack-3 17. G-pack 18. Fire pack -1 19. Fire Pack -2 20...