Search
Login
Register
Menu
Current Articles
|
Archives
|
Search
03
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
Master Code Fu
posted on April 03, 2026 21:40
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. "This TA416 activity included multiple
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
03
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Master Code Fu
posted on April 03, 2026 21:40
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
03
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
Master Code Fu
posted on April 03, 2026 21:40
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Maintainer Jason Saayman said the attackers tailored their social engineering efforts "specifically to me" by first approaching him under the guise of the founder of a
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
03
Why Third-Party Risk Is the Biggest Gap in Your Clients' Security Posture
Master Code Fu
posted on April 03, 2026 21:40
The next major breach hitting your clients probably won't come from inside their walls. It'll come through a vendor they trust, a SaaS tool their finance team signed up for, or a subcontractor nobody in IT knows about. That's the new attack surface, and most organizations are underprepared for it. Cynomi's new guide, Securing the Modern Perimeter: The Rise of Third-Party
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
03
New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images
Master Code Fu
posted on April 03, 2026 21:40
Cybersecurity researchers have discovered a new version of the SparkCat malware on the Apple App Store and Google Play Store, more than a year after the trojan was discovered targeting both the mobile operating systems. The malware has been found to conceal itself within seemingly benign apps, such as enterprise messengers and food delivery services, while
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
Page 1 of 10
First
Previous
[1]
2
3
4
5
6
7
8
9
10
Next
Last