SecurityWeek

New Attack Abuses Claude Code and Harmless-Looking Repositories to Hijack Developer Machines

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
SecurityWeek

Cryptominers, Reverse Shells Dropped in Recent React2Shell Attacks

Two IP addresses accounted for the majority of the 1.4 million exploitation attempts observed over the past week. React2Shell exploitation activity remains strong, with over 1.4 million attempts ...
GitHub

Penetration Test Report — VulnHub: The Planets — Earth

This document is a full technical project overview and penetration test report for the VulnHub virtual machine The Planets: Earth. The objective of this engagement was to enumerate, exploit, and ...
LinkedIn

Reverse Shells Explained: Techniques, Tools, and Countermeasures

Let’s be honest: effective communication is key in any organisation, and this holds especially true in the realm of cybersecurity. While it’s the responsibility of cybersecurity professionals to ...
LinkedIn

Linux Reverse Shell that (Almost) Always Works

A Linux reverse shell is a powerful tool for penetration testers and attackers alike. By leveraging common tools like Bash, Python, Netcat, or Socat, you can craft a reverse shell that (almost) always ...
GitHub

Shells&Payloads.md

use exploit/windows/smb/psexec Metasploit exploit module that can be used on vulnerable Windows system to establish a shell session utilizing smb & psexec shell ...
makeuseof

A Beginner's Guide to Metasploit in Kali Linux (With Practical Examples)

Rumaisa is a freelance writer at MUO. She has worn many hats, from a Mathematician to an Information Security enthusiast, and is now working as a SOC Analyst. Her interests include reading and writing ...