Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Ravie LakshmananApr 03, 2026Linux / Server Hardening Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web...
Hacking
Category Added in a WPeMatico Campaign
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
Ravie LakshmananApr 03, 2026Threat Intelligence / Malware The maintainer of the Axios npm package has confirmed that the supply chain compromise...
Why Third-Party Risk Is the Biggest Gap in Your Clients’ Security Posture
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS...
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Ravie LakshmananApr 03, 2026Mobile Security / Threat Intelligence Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple...
Drift Loses $285 Million in Durable Nonce Social Engineering Attack Linked to DPRK
Solana-based decentralized exchange Drift has confirmed that attackers drained about $285 million from the platform during a security incident that...
Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials
Ravie LakshmananApr 02, 2026Vulnerability / Threat Intelligence A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection...
Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise
Ravie LakshmananApr 02, 2026Network Security / Vulnerability Cisco has released updates to address a critical security flaw in the Integrated Management...
ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories
Ravie LakshmananApr 02, 2026Cybersecurity / Hacking News The latest ThreatsDay Bulletin is basically a cheat sheet for everything breaking on the...
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
Ravie LakshmananApr 02, 2026Cryptomining / Malware A financially motivated operation codenamed REF1695 has been observed leveraging fake installers to deploy remote access trojans (RATs)...
The State of Trusted Open Source Report
In December 2025, we shared the first-ever The State of Trusted Open Source report, featuring insights from our product data and customer...
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
Ravie LakshmananApr 02, 2026Surveillance / Mobile Security Meta-owned messaging platform WhatsApp said it alerted about 200 users who were tricked...
Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit
Ravie LakshmananApr 02, 2026Mobile Security / Vulnerability Apple on Wednesday expanded the availability of iOS 18.7.7 and iPadOS 18.7.7 to a broader range of...
CERT-UA Impersonation Campaign Spread AGEWHEEZE Malware to 1 Million Emails
Ravie LakshmananApr 01, 2026Email Security / Artificial Intelligence The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of...
Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass
Ravie LakshmananApr 01, 2026Social Engineering / Malware Microsoft is calling attention to a new campaign that has leveraged WhatsApp messages...
Block the Prompt, Not the Work: The End of “Doctor No”
The Hacker NewsApr 01, 2026Endpoint Security / Data Protection There is a character that keeps appearing in enterprise security departments,...
