Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...
Dark Reading

APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials

The China-backed threat group is targeting AWS, Google, Azure, and Alibaba cloud environments and using typosquatting to ...
Network World

Cisco fixes critical IMC auth bypass present in many products

The Integrated Management Controller (IMC) flaw gives attackers admin access and remote control over servers even when main ...
OMG! Ubuntu

Linux App Release Roundup (March 2026)

March 2026 meted out a sizeable set of Linux software releases, including updates to FOSS stalwarts GIMP, digiKam, Krita and Blender. The preceding month ...
MUO on MSN

I stopped using top in Linux once I discovered this better terminal tool

A smarter way to monitor Linux resources without switching between tools.
Security Boulevard

What to Know About CyberAv3ngers: The IRGC-Linked Group Targeting Critical Infrastructure

An Iran-affiliated threat group has evolved from defacing water utility displays to deploying custom ICS malware and exploiting Rockwell Automation PLCs across multiple U.S. critical infrastructure ...
The Hacker News

Anthropic's Claude Mythos Finds Thousands of Zero-Day Flaws Across Major Systems

Claude Mythos finds thousands of zero-days as Anthropic launches Project Glasswing, enhancing defenses but exposing AI ...
CSO Online

China-linked cloud credential heist runs on typos and SMTP

The Linux-based ELF backdoor is targeting cloud workloads across providers, using SMTP-based C2 and typosquatted Alibaba ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
CSO Online

Fortinet releases emergency hotfix for FortiClient EMS zero-day flaw

Exploited in the wild prior to Fortinet’s advisory, the vulnerability allows unauthenticated attackers to remotely execute ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
IoT Tech News

Masjesu botnet targets smart factory floors for extortion

Unpatched industrial IoT devices are exposing smart factory floors to commercial botnet extortion and severe operational ...