Taiwan Web Servers Breached by UAT-7237 Using Customized Open-Source Hacking Tools

A Chinese-speaking advanced persistent threat APT actor has been observed targeting web infrastructure entities in Taiwan using customized versions of open-sourced tools with an aim to establish long-term access within high-value victim environments. The activity has been attributed by Cisco Talo...

CVE-2025-24775 WordPress Forms <= 2.9.0 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms forms-by-made-it allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through = 2.9.0...

CVE-2025-24775 WordPress Forms <= 2.9.0 - Arbitrary File Upload Vulnerability

Unrestricted Upload of File with Dangerous Type vulnerability in Made I.T. Forms forms-by-made-it allows Upload a Web Shell to a Web Server.This issue affects Forms: from n/a through = 2.9.0...

PT-2025-33245

Name of the Vulnerable Software and Affected Versions: epiphyt Form Block versions n/a through 1.5.5 Description: An unrestricted file upload issue exists in epiphyt Form Block, allowing the upload of a web shell to a web server. This enables malicious actors to potentially gain control of the...

Imperva Customers Protected Against Critical “ToolShell” Zero‑Day in Microsoft SharePoint

A critical zero-day vulnerability in Microsoft SharePoint, tracked as CVE-2025-53770, is under active exploitation in the wild. The vulnerability, with a CVSS score of 9.8, impacts on-premises SharePoint Server 2016, 2019, and Subscription Edition, and allows unauthenticated remote code execution...

Exploit for Deserialization of Untrusted Data in Microsoft

ZeroPoint.ps1 ⚠ A defensive PowerShell utility to detect an...

WordPress plugin Medical Prescription Attachment Plugin for WooCommerce 代码问题漏洞

WordPress Medical Prescription Attachment Plugin for WooCommerce is a plugin designed for WooCommerce, mainly used to help online pharmacies to realize the function of customers uploading doctor's prescription files in order to purchase medicines, vaccines and so on. WordPress Medical Prescriptio...

CLSA-2025-1751042683 Update of tzdata

Upgrade to tzdata-2025b - New zone for Aysén Region in Chile which moves from -04/-03 to -03. - Paraguay adopted permanent -03 starting spring 2024. - Improve pre-1991 data for the Philippines. - Etc/Unknown is now reserved. - Improve historical data for Mexico, Mongolia, and Portugal. - System V...

CVE-2022-33179

A vulnerability in Brocade Fabric OS CLI before Brocade Fabric OS v9.1.0, 9.0.1e, 8.2.3c, and 7.4.2j could allow a local authenticated user to break out of restricted shells with “set context” and escalate privileges...

CVE-2020-28939

OpenClinic version 0.8.2 is affected by a medical/testnew.php insecure file upload vulnerability. This vulnerability allows authenticated users with substantial privileges to upload malicious files, such as PHP web shells, which can lead to arbitrary code execution on the application server...

BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan

At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver tracked as CVE-2025-31324, indicating that multiple threat actors are taking advantage of the bug. Cybersecurity firm ReliaQuest, in a new update publishe...

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

A China-linked unnamed threat actor dubbed Chaya004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver. Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing...

SAP NetWeaver Flaw Scores 10.0 Severity as Hackers Deploy Web Shells

A critical vulnerability CVE-2025-31324 in SAP NetWeaver Visual Composer puts systems at risk of full compromise. Learn how…...

New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote...

CISA Releases Malware Analysis Report on RESURGE Malware Associated with Ivanti Connect Secure

CISA has published a Malware Analysis Report MAR with analysis and associated detection signatures on a new malware variant CISA has identified as RESURGE. RESURGE contains capabilities of the SPAWNCHIMERA1link is external malware variant, including surviving reboots; however, RESURGE contains...

Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years

A major telecommunications company located in Asia was allegedly breached by Chinese state-sponsored hackers who spent over four years inside its systems, according to a new report from incident response firm Sygnia. The cybersecurity company is tracking the activity under the name Weaver Ant ,...

UAT-5918 Targets Taiwan's Critical Infrastructure Using Web Shells and Open-Source Tools

Threat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023. "UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and...

CVE-2025-2396

The U-Office Force from e-Excellence has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and execute web shell backdoors, thereby enabling arbitrary code execution on the server...

CVE-2025-1388

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells...

CVE-2025-1388

Orca HCM from LEARNING DIGITAL has an Arbitrary File Upload vulnerability, allowing remote attackers with regular privileges to upload and run web shells...