Hackers use scripts that crawl the web specifically looking for /CuteNews/show_news.php paths. Once found, they attempt brute-force attacks using common default pairs like admin/admin or admin/password .