Dark Reading

Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells

Microsoft this week warned organizations about the high potential for threat actors to expand the use of the recently discovered remote code execution (RCE) vulnerabilities in the Apache Log4j logging ...
Bleeping Computer

Hackers exploit Four-Faith router flaw to open reverse shells

Threat actors are exploiting a post-authentication remote command injection vulnerability in Four-Faith routers tracked as CVE-2024-12856 to open reverse shells back to the attackers. The malicious ...
CSOonline

Chinese APT Billbug deploys new malware toolset in attack on multiple sectors

Latest campaign from the group also known as Lotus Blossom and Lotus Panda targeted Southeast Asian organizations with a new backdoor variant, Chrome credential stealers, and a reverse shell program.