CSO Online

China-linked cloud credential heist runs on typos and SMTP

The Linux-based ELF backdoor is targeting cloud workloads across providers, using SMTP-based C2 and typosquatted Alibaba domains to harvest credentials and metadata.
Reuters

Shell flags lower gas output, capital outflow amid Iran conflict but sees oil trading boost

LONDON, April 8 (Reuters) - Shell said on Wednesday that weaker first-quarter ‌gas output and a hit to short-term liquidity would be offset partly by stronger oil trading, offering an early glimpse ...
SecurityWeek

Guardarian Users Targeted With Malicious Strapi NPM Packages

A threat actor has targeted the Strapi ecosystem in a fresh supply chain attack involving 36 malicious NPM packages, according to supply chain security firm SafeDep. An open source headless CMS built ...
GitHub

Recon Presets

RedAmon has two preset systems that let you skip manual configuration: Built-in Recon Presets-- 21 curated recon pipeline configurations covering common scenarios from quick bug bounty scans to ...
GitHub

a exec jsp shell, simply like weevely php C/S shell

module_db.jsp: operate DB, it can remove itself by using a timer module_uploadbin.jsp: upload binary file reverse_shell.jsp: from msf...(#TODO, such as jfolder.jsp, do it by yourself) I code it before ...