The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Make Tech Easier

ShellGPT: Turn Your Words into Terminal Commands

ShellGPT makes the terminal user-friendly, saving time by generating commands, automating scripts, and guiding me through tasks.
Hackaday

Reverse-Engineering The Holy Stone H120D Drone

There are plenty of drones (and other gadgets) you can buy online that use proprietary control protocols. Of course, ...
diginomica

Is agentic AI undermining offshoring? Open Reply asks the question

Open Reply describes itself as an AI-first product engineering consultancy. It helps customers build digital products, by ...

IPL 2026: Noor’s struggles add to CSK’s growing list of worries

One of the striking images of the IPL mega auction in 2024 was Chennai Super Kings head coach Stephen Fleming flashing all ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
InfoWorld

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, ...

The agentic workforce is here: Why Cisco just put a ‘Claw’ on AI security

At RSAC 2026, there has been a definite change in topic as the world has been shifting from conversational AI to agentic AI. The world is moving from AI that answers questions to AI that takes actions ...