Bleeping Computer

Elastix VoIP systems hacked in massive campaign to install PHP web shells

Threat analysts have uncovered a large-scale campaign targeting Elastix VoIP telephony servers with more than 500,000 malware samples over a period of three months. Elastix is a server software for ...
SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.
Ars Technica

Servers running Digium Phones VoiP software are getting backdoored

Servers running the open source Asterisk communication software for Digium VoiP services are under attack by hackers who are managing to commandeer the machines to install web shell interfaces that ...
ZDNet

NSA shares list of vulnerabilities commonly exploited to plant web shells

US officials talk about all the methods the Chinese government and its agents have been using to target US companies and universities to steal intellectual property. Read now The US National Security ...
Dark Reading

Inside the Web Shell Used in the Microsoft Exchange Server Attacks

China Chopper Web shells are an older threat causing new problems for many organizations targeted in ongoing attacks against vulnerable Microsoft Exchange Servers worldwide. Less than two weeks after ...