The Hacker News

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

A newly identified China-linked threat cluster, OP-512, is targeting Microsoft IIS servers with a custom three-web-shell framework for espionage.
latesthackingnews.com

CVE-2026-48907: How the Joomla JCE Exploit Works and What to Do About It

CVE-2026-48907 in the Joomla JCE plugin lets unauthenticated attackers drop PHP web shells with a single crafted request.
HotHardware

Microsoft Warns Web Shell Attacks That Maliciously Harness Servers Increased Dramatically In 2020

As long as computers have been around, there have been hackers who have progressively improved and become sneakier at exploiting them. Last year, Microsoft used Microsoft 365 Defender data to find ...
ZDNet

Microsoft says it detects 77,000 active web shells on a monthly basis

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets. Read now In a blog post ...
CSOonline

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk. One tool that bad guys use to go after your web servers is a web shell.
Bleeping Computer

NSA: Hackers exploit these vulnerabilities to deploy backdoors

The U.S. National Security Agency (NSA) and the Australian Signals Directorate (ASD) have issued a joint report warning of threat actors increasingly exploiting vulnerable web servers to deploy web ...
Dark Reading

What You Need to Know -- or Remember -- About Web Shells

Malware known as China Chopper is behind the recent headline-making attacks against vulnerable Microsoft Exchange Servers worldwide. China Copper is a type of malicious software known as a Web shell, ...