top of page
ALL POSTS
Critical WordPress Vulnerabilities: Valve Platform and Forms Plugin Exploited for Web Shell Distribution
Key Findings Gaming platform profiles weaponized to distribute WordPress web shells via invisible Unicode steganography Nearly 2,000 websites compromised through Steam profile command injection technique Critical Everest Forms Pro vulnerability (CVE-2026-3300, CVSS 9.8) actively exploited to create rogue admin accounts Attackers using cookie-authenticated backdoors to maintain persistent access and rewrite code remotely Over 17,900 exploit attempts blocked in single day as at
Jun 43 min read
Attackers Exploiting Unpatched ShowDoc Servers Via CVE-2025-0520
Key Findings Critical remote code execution vulnerability CVE-2025-0520 in ShowDoc is under active exploitation in the wild with a CVSS score of 9.4 Unrestricted file upload flaw allows unauthenticated attackers to deploy web shells and execute arbitrary code on vulnerable servers Vulnerability affects all ShowDoc versions prior to 2.8.7, which was released in October 2020 Over 2,000 exposed ShowDoc instances remain online, with the majority located in China Threat actors hav
Apr 142 min read
Sangoma FreePBX Vulnerability Exploited, Impacts Over 900 Instances
Key Findings About 900 Sangoma FreePBX systems were infected with web shells after attackers exploited a command injection flaw. Hundreds of Sangoma FreePBX instances are still infected with web shells following attacks that began in December 2025. The campaign exploited a post-authentication command injection vulnerability, tracked as CVE-2025-64328 (CVSS score of 8.6), in the endpoint manager interface. The Shadowserver Foundation reports that around 900 FreePBX instances a
Mar 12 min read
bottom of page
