Popular Web Shell Variants Contain a Hidden Backdoor
Variants of popular PHP web shells have been popping up and analysis reveals that they contain a hidden backdoor used to steal the unauthorized access.
Magento PHP One-Liner Backdoor
Analysis of a PHP one-liner found injected on Magento ecommerce websites and learn how it is used by attackers.
WordPress Injection Exfiltrates Admin Login
wp-login.php injection silently exfiltrates a victim’s username and password back to the attacker’s server.
Malware Disables Wordfence Security Plugin & Forges Timestamps
A malicious PHP file is used to take down Wordfence plugin before it adjusts its own mtime timestamp.
PHP Injector Makes Evil Use of error_log
A PHP backdoor that injects its payload into the default PHP error_log