Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...

近日，Shadowserver基金会发布了一份警示，揭示了超过900个Sangoma FreePBX实例遭遇Web Shell攻击的惊人事实。这一系列攻击自2024年12月开始，攻击者利用了一个被称为CVE-2025-64328的命令注入漏洞，导致这些系统处于极度危险之中。

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the ...

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia. China-affiliated hackers have quietly turned a once-benign open-source network ...

About 2000 Citrix NetScalers Were Compromised in Massive Attack Campaigns Your email has been sent Exploited Citrix NetScaler vulnerability Exposed NetScaler appliances backdoored with web shells ...