Update 8-11-2025 06:00 UTC: We have observed some activity in regard to one of the backdoors that involves a gf_api_token parameter. The IP address 193.160.101.6 tries to request, for every site, the following URLs with a spoofed user agent: Update 7-11-2025 14:10 UTC: A version 2.9.13 has been released to ensure customers can safely update […]| Patchstack