Threat perpetrators have been detected leveraging numerous vulnerabilities in diverse software applications, such as Progress Telerik UI for ASP.NET AJAX and Advantive VeraCore, to deploy reverse shells and web shells, thereby ensuring continuous remote access to the breached systems.
The zero-day exploitation of vulnerabilities in VeraCore has been ascribed to a threat entity recognized as XE Group, a cybercriminal organization.