Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...

Cybersecurity researchers report active exploitation of a critical BeyondTrust flaw enabling web shells, backdoors and data theft.

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...

Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month? “We are recruiting webshell engineers and teams to penetrate Chinese websites worldwide, ...

Cisco Talos spotted a new threat actor, tracked as UAT-7237 The group resembles the "typhoon" Chinese state-sponsored groups It targeted web hosting firms in Taiwan Chinese hacking groups are now ...

About 2000 Citrix NetScalers Were Compromised in Massive Attack Campaigns Your email has been sent Exploited Citrix NetScaler vulnerability Exposed NetScaler appliances backdoored with web shells ...

A newly uncovered cyber campaign featuring the open-source tool Nezha has been observed targeting vulnerable web applications. Beginning in August 2025, Huntress analysts traced a sophisticated ...