ThreatsHub Cybersecurity News

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution behind specially crafted HTTP cookies.
The post Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments appeared first on Microsoft Security Blog. READ MORE HERE…

ZDNet | Security

April 2, 2026 TH Author

My two Raspberry Pi boards cost as much as a laptop now – and AI is to blame

We live in a time when two 16GB Raspberry Pi 5 boards cost the same as a MacBook Neo. Here’s why – and how to save.READ MORE HERE…

The Register

April 2, 2026 TH Author

The company’s biggest security hole lived in the breakroom

Connected devices can leave an otherwise secure network vulnerable Pwned Welcome to Pwned, The Register’s new column, where we highlight the worst infosec own goals so you can, hopefully, protect against them. Caffeine is an essential tool for most IT defenders, so, on balance, we’re sure it has protected against a lot more exploits than it has caused. But in this case, the desire for everyone’s favorite stimulant led to a massive breach.… READ MORE HERE…

The Register

April 2, 2026 TH Author

AI recruiting biz Mercor says it was ‘one of thousands’ hit in LiteLLM supply-chain attack

First public downstream victim, but won’t be the last AI hiring startup Mercor confirmed it was “one of thousands of companies” affected by the LiteLLM supply-chain attack as the fallout from the Trivy compromise continues to spread.… READ MORE HERE…

Microsoft Secure

April 1, 2026 TH Author

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages for version updates to download from command and control (C2) that Microsoft Threat Intelligence has attributed to the North Korean state actor Sapphire Sleet. Although the malicious versions are no longer available for download, since Axios is one of the most widely used HTTP clients in the JavaScript ecosystem, this compromise exposed hundreds to potentially millions of users.
The post Mitigating the Axios npm supply chain compromise appeared first on Microsoft Security Blog. READ MORE HERE…

ZDNet | Security

April 1, 2026 TH Author

Still running iOS 18? Install this critical update ASAP

The latest patch provides protection against the deadly DarkSword exploit for iPhone users who have chosen to remain on iOS 18.READ MORE HERE…

The Register

April 1, 2026 TH Author

Amazon security boss: AI makes pentesting 40% more efficient

Plus: how to train your human AI interview Amazon has seen a 40 percent efficiency gain by using AI tools to pentest its products before and after launch, according to security chief CJ Moses.… READ MORE HERE…

The Register

April 1, 2026 TH Author

‘People’s Panel’ to check if UK wants controversial Digital ID will cost £630K

We could tell you no for free The UK government will spend about £630,000 running a discussion panel on its digital identity card plans, which minister James Frith said will “consider different perspectives and debate trade-offs” alongside a formal consultation.… READ MORE HERE…

ZDNet | Security

April 1, 2026 TH Author

You can still save on gaming laptops, SSDs, and consoles at Best Buy

The Amazon Spring Sale has ended, but if you need to upgrade your gaming setup, you can save hundreds on gaming laptops, SSDs, and more at Best Buy.READ MORE HERE…

The Register

April 1, 2026 TH Author

UK manufacturers under cyber fire with 80% reporting attacks

ESET says factory outages, lost revenue, and supply chain disruption are becoming routine Nearly 80 percent of British manufacturers say they’ve been hit by a cyber incident in the past year, as new research suggests disruption on the factory floor is no longer an exception but business as usual.… READ MORE HERE…

Cyber Security Trending News

How I calibrated my subwoofer placement for peak impact in awkward room setups

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

My two Raspberry Pi boards cost as much as a laptop now – and AI is to blame

The company’s biggest security hole lived in the breakroom

AI recruiting biz Mercor says it was ‘one of thousands’ hit in LiteLLM supply-chain attack

Mitigating the Axios npm supply chain compromise

Still running iOS 18? Install this critical update ASAP

Amazon security boss: AI makes pentesting 40% more efficient

‘People’s Panel’ to check if UK wants controversial Digital ID will cost £630K

You can still save on gaming laptops, SSDs, and consoles at Best Buy

UK manufacturers under cyber fire with 80% reporting attacks