webshell

Microsoft’s SharePoint on-premises ecosystem is once again at the center of a high-risk security incident: an untrusted-deserialization remote code execution (RCE) class of weaknesses is being actively exploited against internet-facing SharePoint Server deployments, and an exact CVE identifier...

ESET researchers have uncovered a compact but sophisticated campaign — tracked as GhostRedirector — that has secretly turned at least 65 Internet‑facing Windows servers into a stealthy SEO‑fraud network while simultaneously installing a resilient native backdoor for long‑term access. (eset.com)...

ESET’s researchers have uncovered a previously undocumented threat cluster that covertly poisons legitimate IIS-hosted websites to manipulate Google rankings while also planting a stealthy C++ backdoor on Windows servers — a campaign ESET calls GhostRedirector that, according to an internet-wide...

ESET researchers have uncovered a compact but sophisticated campaign — tracked as GhostRedirector — that has compromised at least 65 Internet‑facing Windows servers and combined a native C++ backdoor with a malicious IIS native module to deliver long‑lived persistence and server‑side SEO fraud...

ESET Research has uncovered a previously undocumented threat actor it calls GhostRedirector, which in June 2025 was found to have compromised at least 65 Windows servers across multiple countries and deployed two custom tools — a C++ backdoor named Rungan and a native IIS module named Gamshen...

CISA has added a critical Citrix NetScaler vulnerability — CVE-2025-7775 — to its Known Exploited Vulnerabilities (KEV) Catalog after evidence of active exploitation, prompting an urgent patch-and-verify cycle for NetScaler ADC and NetScaler Gateway operators worldwide. Background CVE-2025-7775...

The identifier CVE-2025-49712 does not appear in any public, authoritative advisory or vulnerability database at this time; the single URL you supplied resolves to Microsoft’s update guide infrastructure but returns no accessible content without JavaScript, and independent searches for...

On May 22, 2025, Commvault, a prominent enterprise data backup provider, issued an urgent advisory concerning active cyber threat activity targeting its Metallic software-as-a-service (SaaS) application, hosted within the Microsoft Azure cloud environment. The U.S. Cybersecurity and...

Original release date: October 11, 2018 Summary This report is a collaborative research effort by the cyber security authorities of five nations: Australia, Canada, New Zealand, the United Kingdom, and the United States.Link Removed[2][3][4]Link Removed In it we highlight the use of five...