15 matches found
EUVD-2025-7871
Malicious code in bioql PyPI...
CVE-2025-28919
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shellbot Easy Image Display easy-image-display allows Stored XSS.This issue affects Easy Image Display: from n/a through = 1.2.5...
CVE-2025-28919
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Shellbot Easy Image Display easy-image-display allows Stored XSS.This issue affects Easy Image Display: from n/a through = 1.2.5...
CVE-2025-28919
CVE-2025-28919 affects the WordPress plugin Easy Image Display (versions ≤ 1.2.5). The issue is a Stored XSS caused by improper input neutralization during web page generation. Affected scope listed in sources shows vulnerability exists in Easy Image Display: from n/a through 1.2.5. CVSS v3.1 bas...
ShellBot Malware Evades Detection Using Hexadecimal IP Addresses
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ShellBot malware, targeting poorly managed Linux SSH servers, now employs hexadecimal IP addresses in its download URLs to evade detection. This change highlights the need for strong security measures an...
ShellBot Uses Hex IPs to Evade Detection in Attacks on Linux SSH Servers
The threat actors behind ShellBot are leveraging IP addresses transformed into their hexadecimal notation to infiltrate poorly managed Linux SSH servers and deploy the DDoS malware. "The overall flow remains the same, but the download URL used by the threat actor to install ShellBot has changed...
Botnets Actively Exploited Realtek and Cacti Flaws
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary Attacks surged exploiting Cacti and Realtek vulnerabilities, resulting in the spread of ShellBot and Moobot malware. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 CVSS score: 9.8 and CVE-2021-35394 CVSS score: 9.8 to deliver MooBot and ShellBot aka PerlBot, Fortinet...
Cacti, Realtek, and IBM Aspera Faspex Vulnerabilities Under Active Exploitation
Critical security flaws in Cacti, Realtek, and IBM Aspera Faspex are being exploited by various threat actors in hacks targeting unpatched systems. This entails the abuse of CVE-2022-46169 CVSS score: 9.8 and CVE-2021-35394 CVSS score: 9.8 to deliver MooBot and ShellBot aka PerlBot, Fortinet...
ShellBot Malware Targets Mismanaged Linux Servers
Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary ShellBot malware infects mismanaged Linux SSH servers and uses IRC protocol for C&C. To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn...
ShellBot DDoS Malware Targets Linux SSH Servers
By Deeba Ahmed As per a report from AhnLab Security Emergency Response Center ASEC, poorly managed Linux SSH servers are becoming… This is a post from HackRead.com Read the original post: ShellBot DDoS Malware Targets Linux SSH Servers...
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLa...
New ShellBot DDoS Malware Variants Targeting Poorly Managed Linux Servers
Poorly managed Linux SSH servers are being targeted as part of a new campaign that deploys different variants of a malware called ShellBot. "ShellBot, also known as PerlBot, is a DDoS Bot malware developed in Perl and characteristically uses IRC protocol to communicate with the C&C server," AhnLa...
This Week in Security News: Fake Apps & Malicious Bots
Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. This week, learn how the adoption of mobile banking services has grown as an opportunity for scammers with fake banking apps. Also, see how Trickbot...
New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors
Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called PerlBot or Shellbot. Researchers a...