TI Mindmap HUB
Threat Intelligence Report

How WP-SHELLSTORM Exposed 1.4M WordPress Sites

📅 July 10, 2026 📰 socradar.io 🔍 11 CVE(s) referenced

A critical operational blunder by a Chinese-linked cybercrime group exposed the full arsenal, victim lists, and attack infrastructure behind WP-SHELLSTORM—a massive, multi-platform webshell access-broker campaign targeting over 1.4 million WordPress and Java-based systems worldwide.

vendor
CVE-2026-0740, CVE-2025-34085, CVE-2020-25213, CVE-2025-7852, CVE-2021-29441, CVE-2026-1969, CVE-2026-3844, CVE-2025-7443, CVE-2026-6433, CVE-2026-48907, CVE-2025-12057

Sign in to access the full report including:
detailed analysis, IOCs, MITRE ATT&CK mapping, and STIX bundle.

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap
🎯 IOC Extraction
⚔️ MITRE ATT&CK TTPs
📦 STIX 2.1 Bundle