Web shells, a common type of post-exploitation tool that provides easy-to-use interface through which to issue commands to a compromised server, have become increasingly popular as attackers become ...

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...

The attack methods being used to abuse the bug can successfully circumvent security measures, evading detection by security endpoints during scanning. A patched critical remote code execution (RCE) ...

A Chinese advanced persistent threat (APT) actor was caught in the middle of a sophisticated, multiyear attack against a telecom company in Asia — a story of cyber espionage that is becoming all too ...

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.

A newly uncovered cyber campaign featuring the open-source tool Nezha has been observed targeting vulnerable web applications. Beginning in August 2025, Huntress analysts traced a sophisticated ...

CISA is warning of new malware targeting vulnerable Ivanti products Multiple products, vulnerable to a 2024 flaw, are being targeted The malware can create web shells, harvest credentials, and more ...

Cisco Talos spotted a new threat actor, tracked as UAT-7237 The group resembles the "typhoon" Chinese state-sponsored groups It targeted web hosting firms in Taiwan Chinese hacking groups are now ...