Search
Login
Register
Menu
HOME
Current Articles
|
Archives
|
Search
05
36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants
Master Code Fu
posted on April 05, 2026 19:50
Cybersecurity researchers have discovered 36 malicious packages in the npm registry that are disguised as Strapi CMS plugins but come with different payloads to facilitate Redis and PostgreSQL exploitation, deploy reverse shells, harvest credentials, and drop a persistent implant. "Every package contains three files (package.json, index.js, postinstall.js), has no description, repository,
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
05
Fortinet Patches Actively Exploited CVE-2026-35616 in FortiClient EMS
Master Code Fu
posted on April 05, 2026 19:50
Fortinet has released out-of-band patches for a critical security flaw impacting FortiClient EMS that it said has been exploited in the wild. The vulnerability, tracked as CVE-2026-35616 (CVSS score: 9.1), has been described as a pre-authentication API access bypass leading to privilege escalation. "An improper access control vulnerability [CWE-284] in FortiClient EMS may allow an
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
05
China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing
Master Code Fu
posted on April 05, 2026 19:50
A China-aligned threat actor has set its sights on European government and diplomatic organizations since mid-2025, following a two-year period of minimal targeting in the region. The campaign has been attributed to TA416, a cluster of activity that overlaps with DarkPeony, RedDelta, Red Lich, SmugX, UNC6384, and Vertigo Panda. "This TA416 activity included multiple
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
05
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Master Code Fu
posted on April 05, 2026 19:50
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team. "Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
05
UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack
Master Code Fu
posted on April 05, 2026 19:50
The maintainer of the Axios npm package has confirmed that the supply chain compromise was the result of a highly-targeted social engineering campaign orchestrated by North Korean threat actors tracked as UNC1069. Maintainer Jason Saayman said the attackers tailored their social engineering efforts "specifically to me" by first approaching him under the guise of the founder of a
[Read the rest of this article...]
Posted in:
Security News
Actions:
E-mail
|
Permalink
|
Comments (0)
Page 1 of 10
First
Previous
[1]
2
3
4
5
6
7
8
9
10
Next
Last