Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

April 15, 2025

The China-linked threat actor known as UNC5174 has been attributed to a new campaign that leverages a variant of a known malware dubbed SNOWLIGHT and a new open-source tool called VShell to infect Linux systems.
“Threat actors are increasingly using open source tools in their arsenals for cost-effectiveness and obfuscation to save money and, in this case, plausibly blend in with the pool of

Source: Read More

Previous ArticleThe AI Fix #46: AI can read minds now, and is your co-host a clone?

Next Article Critical Apache Roller Vulnerability (CVSS 10.0) Enables Unauthorized Session Persistence

Highlights

CVE-2025-34118 – Linknat VOS Manager Path Traversal Vulnerability

July 16, 2025

CVE ID : CVE-2025-34118

Published : July 16, 2025, 9:15 p.m. | 5 hours, 47 minutes ago

Description : A path traversal vulnerability exists in Linknat VOS Manager versions prior to 2.1.9.07, including VOS2009 and early VOS3000 builds, that allows unauthenticated remote attackers to read arbitrary files on the server. The vulnerability is accessible via multiple localized subpaths such as ‘/eng/’, ‘/chs/’, or ‘/cht/’, where the ‘js/lang_en_us.js’ or equivalent files are loaded. By injecting encoded traversal sequences such as ‘%c0%ae%c0%ae’ into the request path, attackers can bypass input validation and disclose sensitive files.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2025-49885 – HaruTheme WooCommerce Drag and Drop Multiple File Upload Unrestricted Upload of File with Dangerous Type Vulnerability

June 27, 2025

How to use AI as an accelerator, not a crutch, with freelance engineer Ankur Tyagi [Podcast #186]

August 30, 2025

Build an AI-powered document processing platform with open source NER model and LLM on Amazon SageMaker

April 23, 2025

10 Top Generative AI Development Companies for Enterprise Node.js Projects

Prompting Is A Design Act: How To Brief, Guide And Iterate With AI

Best React.js Development Services in 2025: Features, Benefits & What to Look For

August 2025: AI updates from the past month

This 3-in-1 charger has a retractable superpower that’s a must for travel

How a legacy hardware company reinvented itself in the AI age

The 13+ best Walmart Labor Day deals 2025: Sales on Apple, Samsung, LG, and more

You can save up to $700 on my favorite Bluetti power stations for Labor Day

Call for Speakers – JS Conf Armenia 2025

Call for Speakers – JS Conf Armenia 2025

Streamlining Application Automation with Laravel’s Task Scheduler

A Fluent Path Builder for PHP and Laravel

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

Windows 11 KB5064081 24H2 adds taskbar clock, direct download links for .msu offline installer

My Family Cinema not Working? 12 Quick Fixes

Super-linter – collection of linters and code analyzers

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

How to Evaluate Jailbreak Methods: A Case Study with the StrongREJECT Benchmark

Scaling Up Reinforcement Learning for Traffic Smoothing: A 100-AV Highway Deployment

How to Set Your Primary Monitor (Without Wanting to Throw Your Mouse)

CVE-2024-6235: NetScaler Console Flaw Enables Admin Access, PoC Publishes

CVE-2025-3302 – Xagio SEO – WordPress Stored Cross-Site Scripting

CVE-2025-5320 – Gradio CORS Handler Origin Validation Bypass Vulnerability

CVE-2025-34118 – Linknat VOS Manager Path Traversal Vulnerability

CVE-2025-49885 – HaruTheme WooCommerce Drag and Drop Multiple File Upload Unrestricted Upload of File with Dangerous Type Vulnerability

How to use AI as an accelerator, not a crutch, with freelance engineer Ankur Tyagi [Podcast #186]

Build an AI-powered document processing platform with open source NER model and LLM on Amazon SageMaker

Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool

Related Posts