Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Hacker News

How LiteLLM Turned Developer Machines Into Credential Vaults for Attackers

LiteLLM 1.82.7–1.82.8 supply chain attack exposed 33,185 secrets across 6,943 machines, leaving 3,760 valid credentials ...
The New York Times

How Zohran Mamdani Came to Embrace the Palestinian Cause

As Mr. Mamdani seeks to reassure New York City he is open to compromise, his views on Israel and Palestinians have been the biggest exception. By Nicholas Fandos Nicholas Fandos interviewed many of ...
Dark Reading

Nigerian Businesses Face Growing Ransomware-as-a-Service Trade

Ransomware-as-a-service looks set to fuel an increase in cyberattacks in Nigeria in the coming year, even as operational disruptions and recovery efforts already cost billions of Nigerian naira, or ...
The New York Times

Trump Says U.S. Military Campaign to Wind Down and Plans National Address

“We will be leaving very soon,” the president told reporters in the Oval Office. A few hours later, the White House said Mr. Trump would provide “an important update on Iran” on Wednesday evening.