Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...

近日，Shadowserver基金会发布了一份警示，揭示了超过900个Sangoma FreePBX实例遭遇Web Shell攻击的惊人事实。这一系列攻击自2024年12月开始，攻击者利用了一个被称为CVE-2025-64328的命令注入漏洞，导致这些系统处于极度危险之中。

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the ...

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...

About 2000 Citrix NetScalers Were Compromised in Massive Attack Campaigns Your email has been sent Exploited Citrix NetScaler vulnerability Exposed NetScaler appliances backdoored with web shells ...

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia. China-affiliated hackers have quietly turned a once-benign open-source network ...