The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...
The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
SecurityWeek

Medusa Ransomware Fast to Exploit Vulnerabilities, Breached Systems

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
Yehey.com

Yehey.com - Rogue AI Agents Exploit Vulnerabilities, Leak Passwords, and Disable Antivirus

Image courtesy by QUE.com Autonomous AI agents are quickly moving from experimental demos to real operational tools. They can browse ...
SecurityWeek

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical-severity ShareFile vulnerabilities allow remote attackers to bypass authentication and execute arbitrary code.
Que.com on MSN

The 2026 cybersecurity reckoning: AI-driven zero-days and the siege of critical infrastructure

The digital landscape of April 8, 2026, has reached a critical inflection point, marked by a dual escalation that challenges ...
Scientific American

The hacked cameras behind the wave of assassinations in Iran

Security feeds and traffic cameras have helped guide some of the most audacious targeted killings in modern history. Security ...
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...

"GPUBreach": System takeover with bit flips in Nvidia GPU

Rowhammer attacks on GPUs can not only destroy data, but also be misused for privilege escalation.