Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

July 8, 2025

In yet another instance of threat actors repurposing legitimate tools for malicious purposes, it has been discovered that hackers are exploiting a popular red teaming tool called Shellter to distribute stealer malware.
The company behind the software said a company that had recently purchased Shellter Elite licenses leaked their copy, prompting malicious actors to weaponize the tool for

Source: Read More

Previous ArticleEnhancing Business Operations with AI-Driven Automation Solutions

Next Article Anatsa Android Banking Trojan Hits 90,000 Users with Fake PDF App on Google Play

Highlights

CVE-2025-6517 – Dromara MaxKey Server-Side Request Forgery Vulnerability

June 23, 2025

CVE ID : CVE-2025-6517

Published : June 23, 2025, 6:15 p.m. | 2 hours, 47 minutes ago

Description : A vulnerability was found in Dromara MaxKey up to 4.1.7 and classified as critical. This issue affects the function Add of the file maxkey-websmaxkey-web-mgtsrcmainjavaorgdromaramaxkeywebappscontorllerSAML20DetailsController.java of the component Meta URL Handler. The manipulation of the argument post leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Severity: 6.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CodeSOD: A Unique Way to Primary Key

BrowserStack launches Figma plugin for detecting accessibility issues in design phase

Parasoft brings agentic AI to service virtualization in latest release

Node.js vs. Python for Backend: 7 Reasons C-Level Leaders Choose Node.js Talent

The best CRM software with email marketing in 2025: Expert tested and reviewed

This multi-port car charger can power 4 gadgets at once – and it’s surprisingly cheap

I’m a wearables editor and here are the 7 Pixel Watch 4 rumors I’m most curious about

8 ways I quickly leveled up my Linux skills – and you can too

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

The Intersection of Agile and Accessibility – A Series on Designing for Everyone

Zero Trust & Cybersecurity Mesh: Your Org’s Survival Guide

Execute Ping Commands and Get Back Structured Data in PHP

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

A Tomb Raider composer has been jailed — His legacy overshadowed by $75k+ in loan fraud

“I don’t think I changed his mind” — NVIDIA CEO comments on H20 AI GPU sales resuming in China following a meeting with President Trump

Galaxy Z Fold 7 review: Six years later — Samsung finally cracks the foldable code

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

GPT-5 is Coming: Revolutionizing Software Testing

Win the Accessibility Game: Combining AI with Human Judgment

CVE-2025-3321 – Apache Server Unauthenticated Local Privilege Escalation Vulnerability

Google DeepMind at ICML 2024

An innovative financial services leader finds the right AI solution: Robinhood and Amazon Nova

CVE-2025-30326 – Adobe Photoshop Uninitialized Pointer Access Vulnerability

CVE-2025-6517 – Dromara MaxKey Server-Side Request Forgery Vulnerability

CVE-2025-49865 – Helmut Wandl Advanced Settings CSRF Vulnerability

Microsoft Narrator Gets Smarter on Copilot+ PCs – Here’s What It Can Do

CVE-2025-5126 – “FLIR AX8 Remote Command Injection Vulnerability”

Hackers Use Leaked Shellter Tool License to Spread Lumma Stealer and SectopRAT Malware

Related Posts