THREAT OPS › Threat News › How WP-SHELLSTORM Exposed 1.4M WordPress Sites
How WP-SHELLSTORM Exposed 1.4M WordPress Sites
<h1>How WP-SHELLSTORM Exposed 1.4M WordPress Sites</h1> <p><em>The SOCRadar </em><em>Threat Intelligence</em><em> Team traces an exposed directory back to a Chinese-linked cybercrime operation and details findings from the investigation.</em></p> <p>Every so often, a <a href="https://socradar.io/glossary/threat-actors/">threat actor</a>’s mistake hands over the keys to their entire operation. That
MITRE ATT&CK techniques
Indicators of compromise
- 84f7e396a48913851a10cc78c5cc22a25634564abd0694465236d2f365e2bdeesha256
- CVE-2021-29441cve
- CVE-2026-3844cve
- CVE-2026-1969cve
- CVE-2025-34085cve
- CVE-2026-6433cve
- CVE-2025-12057cve
- CVE-2025-7443cve
- CVE-2026-0740cve
- CVE-2025-7852cve
- CVE-2026-48907cve
- CVE-2020-25213cve
- https://ctrlaltintel.com/research/Wordpress/url
- chenyk@163.comemail
- 137.175.93.126ipv4
- 113.196.56.150ipv4
- 43.108.17.80ipv4
- 113.196.59.51ipv4
- xs.xxooonline.eu.ccdomain
Original source: https://socradar.io/blog/wp-shellstorm-expose-1-4m-wordpress-sites/