Microsoft says that the number of monthly web shell attacks has almost doubled since last year. Microsoft says an average of 140,000 such malicious tools are found on compromised servers every month. Microsoft also provided some tips on how to harden servers against attacks attempting to download and install a web shell. The National Security Agency also warned of threat actors escalating their attacks on vulnerable web servers in a joint report issued with the Australian Signals Directorate (ASD) The NSA has a dedicated GitHub repository with tools that organizations and admins can use to detect and block web shell threats.
Source: https://www.bleepingcomputer.com/news/security/microsoft-warns-of-an-increasing-number-of-web-shell-attacks/