Bleeping Computer

NSA: Hackers exploit these vulnerabilities to deploy backdoors

The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have issued a joint report warning of threat actors increasingly exploiting vulnerable web servers to deploy web ...
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
Statetechmagazine

How to Detect and Remove Threatening Web Shells

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...
InfoQ

Critical Control Web Panel Vulnerability Still Under Exploit Months After Patch Available

A 9.8 severity vulnerability in Control Web Panel, previously known as CentOS Web Panel, allows an attacker to remotely execute arbitrary shell commands through a very simple mechanism. Although ...
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...
Bleeping Computer

Hackers exploit Control Web Panel flaw to open reverse shells

Hackers are actively exploiting a critical vulnerability patched recently in Control Web Panel (CWP), a tool for managing servers formerly known as CentOS Web Panel. The security issue is identified ...
CSOonline

China’s Volt Typhoon exploits Versa zero-day to hack US ISPs and IT firms

The Chinese APT group leveraged the vulnerability to deploy a web shell that stole credentials from Versa Director SD-WAN deployments of ISPs, MSPs, and IT companies. State-sponsored Chinese hackers ...