Log poisoning of an exposed phpMyAdmin allowed a China Chopper web shell + AntSword access; threat actor then deployed Nezha and Ghost RAT. AWS IP 54.46.50.255 observed. #Nezha #GhostRAT #log_poisoning https://bit.ly/43dFcLN
0
0
0
0