importantSYS.SOURCE: The Hacker News• 2026-07-10T17:00:02+05:30
Exposed Hacker Server Unveils WP-SHELLSTORM Webshell Campaign Targeting WordPress and Joomla Sites
#WordPress Security#Webshell Attacks#Cybercrime#Vulnerability Exploitation#Hacker Tools
An exposed hacker server revealed the WP-SHELLSTORM campaign, which used webshells and exploit tools to compromise WordPress and Joomla sites through known vulnerabilities. The operation targeted over 1.4 million domains, with 5,700+ confirmed compromises, leveraging tools like SNOWLIGHT and VShell for persistent access.
A cybercrime crew left one of its own servers wide open on the internet for three weeks, and it exposed the operation's inner workings: the hacking tools, the activity logs, and target lists naming more than 1.4 million websites.
Far fewer were actually broken into, but the exposed files showed researchers how a mass site-hacking operation runs from the inside.
The operation, now tracked as
*** END OF TRANSMISSION ***