The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic logs.
Bleeping Computer

Elastix VoIP systems hacked in massive campaign to install PHP web shells

Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. Elastix is a server software for ...
ZDNet

Hafnium’s China Chopper: a ‘slick’ and tiny web shell for creating server backdoors

Researchers have provided insight into China Chopper, a web shell used by the state-sponsored Hafnium hacking group. Hafnium is a group of cyberattackers originating from China. The collective ...
CSOonline

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia. China-affiliated hackers have quietly turned a once-benign open-source network ...