The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Hacker News

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, detected by Darktrace in 2025, expanding botnet monetization via proxy ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Linux Journal

GNOME 50 Reaches Arch Linux: A Leaner, Wayland-Only Future Arrives

Arch Linux users are among the first to experience the latest GNOME desktop, as GNOME 50 has begun rolling out through Arch’s ...
Security BoulevardOpinion

BPFdoor in Telecom Networks: The FCC Is Securing the Edge, but China’s Hackers Are ...

Rapid7's research reveals China-linked kernel implants deep inside telecom signaling infrastructure. Here's what BPFdoor is, ...
MUO on MSN

Android's Linux terminal is so good that I keep finding new reasons not to open my PC

I keep reaching for my phone, and it’s not for scrolling.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
CDOTrends

The AI That Hacks Back

Anthropic’s newest frontier model — still not publicly available and still technically a “preview” — is the most ...
InfoQ

Anthropic Releases Claude Mythos Preview with Cybersecurity Capabilities but Withholds ...

Anthropic has introduced Claude Mythos Preview, its most advanced AI model, improving significantly in reasoning, coding, and cybersecurity. Unlike previous releases, it will not be publicly available ...