Tag: web shell

2 articles

Industrial control systems and server equipment in a brightly-lit manufacturing setting.

CISA Flags Exploited PTC Windchill Flaw Amid Web Shell Attacks

PTC has confirmed that attackers are exploiting a high-severity flaw, CVE-2026-12569, in its Windchill software to drop malicious web shells on vulnerable systems, allowing them to execute arbitrary code remotely. The company has reported heightened threat activity, urging users to take immediate action to protect themselves.

Analyst 207Jun 26, 2026

Server room with rows of equipment and a blurred laptop screen in the foreground.

Hackers Exploit KnowledgeDeliver Flaw to Install Web Shells

Hackers have exploited a critical flaw in KnowledgeDeliver, using it as a zero-day to sneakily install a powerful .NET web shell called Godzilla on vulnerable servers. This sneaky attack was made possible by a deserialization vulnerability, CVE-2026-5426, that allowed threat actors to execute code at the operating-system level.

Analyst 207May 26, 2026