The Hacker News

Chinese Hackers Weaponize Open-Source Nezha Tool in New Attack Wave

The access afforded by the ANTSWORD web shell is then used to run the "whoami" command to determine the privileges of the web server and deliver the open-source Nezha agent, which can be used to ...
Infosecurity Magazine

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT ...
CSO Online

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia.