Ars Technica

Microsoft is seeing a big spike in Web shell use

Security personnel at Microsoft are seeing a big increase in the use of Web shells, the light-weight programs that hackers install so they can burrow further into compromised websites. The average ...
ZDNet

NSA shares list of vulnerabilities commonly exploited to plant web shells

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Read now The US National Security ...
Bleeping Computer

Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the ...
Bleeping Computer

Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux

Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. The malware received the ...
Ars Technica

Servers running Digium Phones VoiP software are getting backdoored

Servers running the open source Asterisk communication software for Digium VoiP services are under attack by hackers who are managing to commandeer the machines to install web shell interfaces that ...