The Hacker News

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

A newly identified China-linked threat cluster, OP-512, is targeting Microsoft IIS servers with a custom three-web-shell ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Statetechmagazine

How to Detect and Remove Threatening Web Shells

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization attacks.
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Windows Latest

Microsoft is rewriting Windows 11 shell in native code, killing the web slop slowing your PC

To fix performance issues, Microsoft is replacing sluggish React Native and WebView components in Windows 11 shell with fast ...
Technobezz

Microsoft Confirms It Is Rewriting Windows 11 Shell Components in Native WinUI Code

Microsoft confirms it is replacing Windows 11's web-based shell components with native WinUI code to fix performance issues.