The Hacker News

New Threat Cluster OP-512 Targets Microsoft IIS Servers with Custom Web Shell Framework

A newly identified China-linked threat cluster, OP-512, is targeting Microsoft IIS servers with a custom three-web-shell ...

KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Statetechmagazine

How to Detect and Remove Threatening Web Shells

Tanya Candia is an international management expert, specializing for more than 25 years in information security strategy and communication for public- and private-sector organizations. Stealthy, ...
SecurityWeek

Hackers Exploited KnowledgeDeliver Zero-Day for Web Shell Deployment

CVE-2026-5426, a hardcoded ASP.NET machineKey in KnowledgeDeliver, was exploited as a zero-day in ViewState deserialization ...
HotHardware

Microsoft Warns Web Shell Attacks That Maliciously Harness Servers Increased Dramatically In 2020

As long as computers have been around, there have been hackers who have progressively improved and become sneakier at exploiting them. Last year, Microsoft used Microsoft 365 Defender data to find ...
ZDNet

Microsoft says it detects 77,000 active web shells on a monthly basis

This ebook, based on the latest ZDNet/TechRepublic special feature, offers a detailed look at how to build risk management policies to protect your critical digital assets. Read now In a blog post ...
CSOonline

9 tips to detect and prevent web shell attacks on Windows networks

Attackers often use web shells to mimic legitimate files and compromise web servers. These best practices will lower your risk. One tool that bad guys use to go after your web servers is a web shell.