ZDNet

NSA shares list of vulnerabilities commonly exploited to plant web shells

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Read now The US National Security ...
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...
Dark Reading

Stealth Bomber: Atlassian Confluence Exploits Drop Web Shells In-Memory

Fresh proof-of-concept (PoC) exploits are circulating in the wild for a widely targeted Atlassian Confluence Data Center and Confluence Server flaw. The new attack vectors could enable a malicious ...
CSOonline

China’s Volt Typhoon exploits Versa zero-day to hack US ISPs and IT firms

The Chinese APT group leveraged the vulnerability to deploy a web shell that stole credentials from Versa Director SD-WAN deployments of ISPs, MSPs, and IT companies. State-sponsored Chinese hackers ...
CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.