Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
TweakTown

The most boring protocol on the Internet can now run DOOM, loading from nearly 2,000 text records

DNS text records and a PowerShell script is the latest absurd way someone has managed to get the iconic first-person shooter ...

That top Google result for Homebrew could infect your Mac

Malicious ads are pushing fake Homebrew installers to Mac users, and the attack relies on trusting the first Google search result.
SecurityWeek

Telnyx Targeted in Growing TeamPCP Supply Chain Attack

The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
The Hacker News

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 targeted European governments from mid-2025 using PlugX and OAuth abuse, enabling cyber espionage against EU and NATO ...

Doom 'runs' over DNS text entries now, because everything is possible if you believe in yourself

What's next, a literal potato? Oh yeah. Done that.
Security Boulevard

Frequently Asked Questions About the Axios npm Supply Chain Attack by North Korea-Nexus Threat Actor UNC1069

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...

I put Apple’s new macOS ClickFix warnings to the test and they actually worked — now I want them on Windows too

Apple now shows a warning before pasting anything that could be dangerous in macOS Tahoe 26.4 to help keep you safe from ...