Ninja Forms and Simple File List: Hackers Scan CMS Websites Globally to Deploy Webshells and Steal Credentials
Jeremy C17h ago
From the article
Global CMS Exploitation Campaign Targets Unpatched Websites A large-scale cyberattack campaign is actively targeting Content Management System (CMS) websites worldwide, with threat actors scanning for unpatched software and vulnerable plugins. Once exploited, attackers deploy malicious webshells to gain remote control over compromised systems, enabling website defacement, credential theft, and malware
Continue reading on RankiteoYou might also wanna read
Over 700 education and tech websites hijacked in ClickFix malware campaign exploiting Ghost CMS flaw
Attackers are exploiting a critical vulnerability in Ghost Content Management System (CMS) to hijack over 700 legitimate websites, including

Phishing Campaign Leveraging the NPM Ecosystem
Snyk·9mo ago
Phantom Stealer malware targets banks via fileless phishing campaign
A threat actor is targeting banks and high-value organizations through a phishing campaign delivering Phantom Stealer, a credential and sess
darkreading.com·13d ago
Massive cyber espionage campaign compromises 75,000 Fortinet devices across 15 countries
A large-scale cyber espionage campaign has targeted Fortinet devices, compromising approximately 75,000 firewall and VPN systems across more
Critical cPanel vulnerability under active attack allows full server hijacking
Security researchers have discovered a critical vulnerability in cPanel and WebHost Manager (WHM), widely used web server management softwar
Early Exploitation of React2Shell Vulnerability (CVE-2025-55182) Targets Critical Infrastructure
The article details early exploitation activity following the public disclosure of the critical React2Shell vulnerability (CVE-2025-55182).

Comments
Sign in to join the conversation.
No comments yet. Be the first.