Bleeping Computer

Hackers exploit 2018 ThinkPHP flaws to install ‘Dama’ web shells

Chinese threat actors are targeting ThinkPHP applications vulnerable to CVE-2018-20062 and CVE-2019-9082 to install a persistent web shell named Dama. The web shell enables further exploitation of the ...
Ars Technica

Passing multiple lines into a PHP shell_exec() command

I've got a PHP website that needs to call a java class in order to interface with another database. I need to be able to pass an argument into the java class that was generated on the page, but also ...
Ars Technica

Servers running Digium Phones VoiP software are getting backdoored

Servers running the open source Asterisk communication software for Digium VoiP services are under attack by hackers who are managing to commandeer the machines to install web shell interfaces that ...
Bleeping Computer

Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux

Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers. The malware received the ...