#php-vulnerabilities

[ follow ]
#cybersecurity #malware #vulnerabilities #supply-chain-attack #remote-code-execution #security #axios #npm
Information security
fromThe Hacker News
1 day ago

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Threat actors exploit HTTP cookies for PHP web shells on Linux servers, enabling remote code execution with stealthy control mechanisms.
Cryptocurrency
fromnews.bitcoin.com
8 hours ago

Human Error, Not Hacking, Cited as Top Cause for Crypto Access Loss

Human error is the leading cause of cryptocurrency access loss, affecting 35% of holders, primarily due to forgotten passwords and lost seed phrases.
#openclaw
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
23 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
DevOps
fromInfoWorld
1 day ago

Understanding the risks of OpenClaw

OpenClaw is an orchestration layer that requires external services to function effectively, rather than being a standalone cloud platform.
Information security
fromArs Technica
23 hours ago

OpenClaw gives users yet another reason to be freaked out about security

OpenClaw's vulnerabilities pose severe security risks, allowing attackers to gain administrative access with minimal permissions.
more#openclaw
#open-source
Python
fromThe Hacker News
2 days ago

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.
Python
fromThe Hacker News
2 days ago

The State of Trusted Open Source Report

AI is reshaping software development and security, influencing container image usage and vulnerability management.
more#open-source
#npm
Node JS
fromInfoQ
2 days ago

Axios npm Package Compromised in Supply Chain Attack

A significant supply chain attack on Axios introduced a Remote Access Trojan via hijacked maintainer accounts, affecting numerous developer environments.
Node JS
fromTheregister
4 days ago

Top npm package backdoored to drop dirty RAT on dev machines

A widely used npm library, axios, was compromised to deliver malware through a maintainer's hijacked account.
Node JS
fromBleepingComputer
4 days ago

Hackers compromise Axios npm package to drop cross-platform malware

Hackers compromised the Axios npm account to distribute remote access trojans across multiple operating systems.
Node JS
fromInfoQ
2 days ago

Axios npm Package Compromised in Supply Chain Attack

A significant supply chain attack on Axios introduced a Remote Access Trojan via hijacked maintainer accounts, affecting numerous developer environments.
Node JS
fromTheregister
4 days ago

Top npm package backdoored to drop dirty RAT on dev machines

A widely used npm library, axios, was compromised to deliver malware through a maintainer's hijacked account.
Node JS
fromBleepingComputer
4 days ago

Hackers compromise Axios npm package to drop cross-platform malware

Hackers compromised the Axios npm account to distribute remote access trojans across multiple operating systems.
more#npm
Web design
fromKDnuggets
3 days ago

7 Essential AI Website Builders: From Prompt to Production - KDnuggets

Artificial intelligence website builders simplify website creation, offering free plans and tailored solutions for various needs.
#ai
Artificial intelligence
fromSecurityWeek
5 days ago

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

AI assistance in policy as code can introduce serious flaws, leading to incorrect access permissions despite syntactically valid policies.
Information security
fromThe Hacker News
3 days ago

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Anthropic confirmed a human error led to the accidental release of Claude Code's internal source code, but no sensitive data was exposed.
Artificial intelligence
fromSecurityWeek
5 days ago

Silent Drift: How LLMs Are Quietly Breaking Organizational Access Control

AI assistance in policy as code can introduce serious flaws, leading to incorrect access permissions despite syntactically valid policies.
Information security
fromThe Hacker News
3 days ago

Claude Code Source Leaked via npm Packaging Error, Anthropic Confirms

Anthropic confirmed a human error led to the accidental release of Claude Code's internal source code, but no sensitive data was exposed.
more#ai
#cybersecurity
Information security
fromSecurityWeek
1 day ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.
Information security
fromThe Hacker News
3 days ago

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Cyber attackers increasingly exploit legitimate tools within environments, making detection difficult and expanding the attack surface organizations must manage.
Information security
fromThe Hacker News
1 day ago

UNC1069 Social Engineering of Axios Maintainer Led to npm Supply Chain Attack

A targeted social engineering campaign by North Korean actors led to a supply chain compromise of the Axios npm package.
Node JS
fromInfoQ
5 days ago

Are We Ready for the Next Cyber Security Crisis Like Log4shell?

Organizations are not prepared for the next cybersecurity crisis, similar to Log4Shell.
Information security
fromThe Hacker News
2 days ago

ThreatsDay Bulletin: Pre-Auth Chains, Android Rootkits, CloudTrail Evasion & 10 More Stories

The ThreatsDay Bulletin provides a concise overview of current cybersecurity threats and trends affecting system safety.
Information security
fromSecurityWeek
1 day ago

In Other News: ChatGPT Data Leak, Android Rootkit, Water Facility Hit by Ransomware

New Android malware targets banking users, Italy fines Intesa Sanpaolo for data breach, Apple updates Mac security against ClickFix attacks.
Information security
fromThe Hacker News
3 days ago

3 Reasons Attackers Are Using Your Trusted Tools Against You (And Why You Don't See It Coming)

Cyber attackers increasingly exploit legitimate tools within environments, making detection difficult and expanding the attack surface organizations must manage.
more#cybersecurity
Software development
fromDevOps.com
2 days ago

Why Code Validation is the Next Frontier - DevOps.com

Shared staging environments are inadequate for modern development; isolated, on-demand setups are needed for effective validation.
Information security
fromSecurityWeek
1 day ago

Critical ShareFile Flaws Lead to Unauthenticated RCE

Two critical vulnerabilities in ShareFile could allow unauthenticated remote code execution through improper access to configuration pages.
Software development
fromInfoWorld
3 days ago

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

LLMs can quickly identify security vulnerabilities in code, but their rapid evolution poses potential risks.
#axios
Node JS
fromSecurityWeek
3 days ago

Axios NPM Package Breached in North Korean Supply Chain Attack

Malicious Axios NPM library versions were distributed in a supply chain attack by North Korean hackers, affecting millions of users.
Node JS
fromThe Hacker News
4 days ago

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios experienced a supply chain attack due to malicious dependencies in two npm package versions.
Information security
fromSiliconANGLE
4 days ago

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Axios HTTP client library was hacked to distribute malware via a compromised npm account, affecting multiple operating systems.
Node JS
fromSecurityWeek
3 days ago

Axios NPM Package Breached in North Korean Supply Chain Attack

Malicious Axios NPM library versions were distributed in a supply chain attack by North Korean hackers, affecting millions of users.
Node JS
fromThe Hacker News
4 days ago

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios experienced a supply chain attack due to malicious dependencies in two npm package versions.
Information security
fromSiliconANGLE
4 days ago

Hackers compromise popular Axios Javascript library with hidden malware - SiliconANGLE

Axios HTTP client library was hacked to distribute malware via a compromised npm account, affecting multiple operating systems.
more#axios
Privacy technologies
fromSecurityWeek
2 weeks ago

Researcher Discovers 4th WhatsApp View Once Bypass; Meta Won't Patch

A researcher discovered a fourth method to bypass WhatsApp's View Once feature using a modified client, which Meta will not patch because it falls outside their security model.
Information security
fromThe Hacker News
1 day ago

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

A large-scale credential harvesting operation exploits the React2Shell vulnerability to steal sensitive data from compromised hosts across multiple regions.
Web development
fromTheregister
2 weeks ago

Brilliant backups landed web developer in big trouble

A website migration oversight caused a two-year disconnect where office staff viewed outdated content due to hardcoded DNS settings, while the client only discovered the issue when accessing the site from the office.
#claude-code
Software development
fromArs Technica
4 days ago

Entire Claude Code CLI source code leaks thanks to exposed map file

Claude Code's complexity and architecture provide valuable insights for competitors and pose security risks for Anthropic.
Information security
fromSecurityWeek
2 days ago

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.
Software development
fromArs Technica
4 days ago

Entire Claude Code CLI source code leaks thanks to exposed map file

Claude Code's complexity and architecture provide valuable insights for competitors and pose security risks for Anthropic.
Information security
fromSecurityWeek
2 days ago

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Anthropic's Claude Code source code was leaked, revealing operational details but not compromising sensitive data like model weights or customer information.
more#claude-code
Information security
fromSecurityWeek
1 day ago

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

Threat actor exploits Next.js vulnerabilities to exfiltrate credentials and compromise systems at scale, affecting over 766 systems and collecting more than 10,000 files.
Information security
fromInfoQ
1 day ago

Open Source Security Tool Trivy Hit by Supply Chain Attack, Prompting Urgent Industry Response

A malicious release of the Trivy vulnerability scanner exposed critical weaknesses in software supply chain security, allowing for potential credential theft.
#supply-chain-attack
Web frameworks
fromThe Hacker News
1 month ago

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist PHP packages disguised as Laravel utilities distribute a cross-platform remote access trojan enabling full system compromise on Windows, macOS, and Linux.
Information security
fromInfoQ
4 days ago

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.
Web frameworks
fromThe Hacker News
1 month ago

Fake Laravel Packages on Packagist Deploy RAT on Windows, macOS, and Linux

Malicious Packagist PHP packages disguised as Laravel utilities distribute a cross-platform remote access trojan enabling full system compromise on Windows, macOS, and Linux.
Information security
fromInfoQ
4 days ago

PyPI Supply Chain Attack Compromises LiteLLM, Enabling the Exfiltration of Sensitive Information

A supply chain attack on LiteLLM led to over 40,000 downloads of a compromised package that harvested sensitive information.
more#supply-chain-attack
Information security
fromInfoWorld
1 day ago

Claude Code leak puts enterprise trust at risk as security, governance concerns mount

Leaks threaten Anthropic's market position and raise security concerns about its AI coding tools.
#mobile-security
Information security
fromSecurityWeek
1 day ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
fromInfoWorld
1 month ago
Information security

Three web security blind spots in mobile DevSecOps pipelines

Mobile apps require fundamentally different security approaches than web applications because they operate as untrusted endpoints where attackers have physical access to the binary, making traditional web-centric security models inadequate.
Information security
fromSecurityWeek
1 day ago

Mobile Attack Surface Expands as Enterprises Lose Control

Mobile device security is inadequate, with many organizations using critically outdated operating systems and exposing sensitive data to potential attacks.
more#mobile-security
#cisco
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
Information security
fromSecurityWeek
2 days ago

Cisco Patches Critical and High-Severity Vulnerabilities

Cisco has released fixes for two critical and six high-severity vulnerabilities affecting various enterprise networking products.
Information security
fromThe Hacker News
2 days ago

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

Cisco has released critical updates to address vulnerabilities in its Integrated Management Controller and Smart Software Manager On-Prem.
more#cisco
#malware
Information security
fromThe Hacker News
5 days ago

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad malware uses ClickFix tactics and AI-assisted obfuscation to evade detection and steal credentials immediately.
Information security
fromThe Hacker News
1 day ago

New SparkCat Variant in iOS, Android Apps Steals Crypto Wallet Recovery Phrase Images

A new version of SparkCat malware targets cryptocurrency users on mobile platforms, concealing itself in benign apps and evolving its technical capabilities.
Information security
fromTheregister
2 days ago

Fake Claude Code source downloads actually delivered malware

Leaked Claude Code source code led to malware downloads, including credential-stealing Vidar and proxy tool GhostSocks, via a malicious GitHub repository.
Information security
fromSecurityWeek
3 days ago

New DeepLoad Malware Dropped in ClickFix Attacks

DeepLoad malware steals credentials and intercepts browser interactions, utilizing ClickFix for distribution and evading detection through sophisticated techniques.
Information security
fromThe Hacker News
5 days ago

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad malware uses ClickFix tactics and AI-assisted obfuscation to evade detection and steal credentials immediately.
more#malware
#chrome
Information security
fromTechRepublic
2 days ago

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.
Information security
fromTechRepublic
2 days ago

Patch Now: Chrome Flaw Under Active Attack, Google Confirms

Google has released a security update for Chrome due to multiple high-severity vulnerabilities, including an actively exploited use-after-free flaw.
more#chrome
#north-korea
Information security
fromFortune
2 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.
Information security
fromFortune
2 days ago

I knew about North Korean hackers-they still tricked me and got into my computer | Fortune

North Korean hackers are increasingly targeting individuals in the crypto industry, employing sophisticated deception tactics.
more#north-korea
Information security
fromSecurityWeek
4 days ago

Exploitation of Critical Fortinet FortiClient EMS Flaw Begins

Threat actors exploit a critical SQL injection vulnerability in Fortinet FortiClient EMS, allowing remote code execution without authentication.
Web development
fromInfoWorld
2 months ago

PHP language still relevant, advocate insists

PHP remains widely used and relevant in 2026, powering many websites and integrating well with modern tools and performance improvements.
#phishing
Information security
fromTechzine Global
5 days ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.
Information security
fromThe Hacker News
3 days ago

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

A phishing campaign targets Spanish-speaking users in Latin America and Europe, delivering banking trojans via malware called Horabot.
Information security
fromTechzine Global
5 days ago

Major phishing campaign on GitHub using fake security alerts

A large-scale phishing campaign targets developers on GitHub, exploiting Discussions to spread fake security alerts about Visual Studio Code and distribute malware.
more#phishing
fromThe Hacker News
3 days ago

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation - Patch Released

"Use-after-free in Dawn in Google Chrome prior to 146.0.7680.178 allowed a remote attacker who had compromised the renderer process to execute arbitrary code via a crafted HTML page."
Information security
Information security
fromInfoQ
4 days ago

Cloudflare Adds Active API Vulnerability Scanning to Its Edge

Cloudflare's Web and API Vulnerability Scanner focuses on detecting Broken Object Level Authorization vulnerabilities in APIs.
#citrix
Information security
fromTheregister
5 days ago

Citrix NetScaler bug may be multiple flaws in one

In-the-wild exploitation of a critical Citrix NetScaler bug has begun, with attackers actively targeting vulnerable systems within days of its disclosure.
Information security
fromSecurityWeek
5 days ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
Information security
fromTheregister
5 days ago

Citrix NetScaler bug may be multiple flaws in one

In-the-wild exploitation of a critical Citrix NetScaler bug has begun, with attackers actively targeting vulnerable systems within days of its disclosure.
Information security
fromSecurityWeek
5 days ago

Exploitation of Fresh Citrix NetScaler Vulnerability Begins

Exploitation of a critical Citrix NetScaler vulnerability began shortly after its public disclosure, with active attempts detected within days.
more#citrix
Information security
fromSecurityWeek
4 days ago

Critical Vulnerability in OpenAI Codex Allowed GitHub Token Compromise

OAuth tokens pose significant security risks, especially when long-lived, as they can lead to widespread breaches across multiple organizations.
Information security
fromComputerWeekly.com
4 days ago

Banning routers won't fix what's already broken | Computer Weekly

The FCC's ban on foreign-made routers addresses future procurement, not current security risks, as routers are already vulnerable and widely deployed.
Information security
fromAxios
6 days ago

Everyone's worried that AI's newest models are a hacker's dream weapon

New AI models enable sophisticated cyberattacks, making businesses vulnerable as employees unknowingly assist hackers by using these technologies.
Information security
fromThe Hacker News
1 week ago

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

AWS Bedrock's connectivity makes it powerful but also exposes it to multiple attack vectors that can compromise enterprise data.
#magento
Information security
fromThe Hacker News
2 weeks ago

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

A critical security flaw in Magento's REST API allows unauthenticated attackers to upload malicious executables, risking code execution and account takeover.
Information security
fromSecurityWeek
2 weeks ago

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites were defaced in a campaign exploiting file upload vulnerabilities, affecting global brands and various organizations.
Information security
fromThe Hacker News
2 weeks ago

Magento PolyShell Flaw Enables Unauthenticated Uploads, RCE and Account Takeover

A critical security flaw in Magento's REST API allows unauthenticated attackers to upload malicious executables, risking code execution and account takeover.
Information security
fromSecurityWeek
2 weeks ago

Thousands of Magento Sites Hit in Ongoing Defacement Campaign

Over 7,500 Magento sites were defaced in a campaign exploiting file upload vulnerabilities, affecting global brands and various organizations.
more#magento
#wordpress-security
Information security
fromTheregister
3 weeks ago

Crooks compromise WordPress sites, spread infostealers

Attackers compromised legitimate WordPress sites including a US Senate candidate's website to distribute infostealer malware through fake Cloudflare CAPTCHA pages that trick users into running malicious commands.
Information security
fromTheregister
3 weeks ago

Crooks compromise WordPress sites, spread infostealers

Attackers compromised legitimate WordPress sites including a US Senate candidate's website to distribute infostealer malware through fake Cloudflare CAPTCHA pages that trick users into running malicious commands.
more#wordpress-security
fromSecurityWeek
3 weeks ago

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database via time-based blind SQL injection techniques.
Information security
#n8n-vulnerabilities
Information security
fromSecurityWeek
3 weeks ago

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical vulnerabilities in n8n allowed unauthenticated remote code execution and sandbox escape, potentially exposing all stored credentials including AWS keys, passwords, OAuth tokens, and API keys.
Information security
fromThe Hacker News
3 weeks ago

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical vulnerabilities in n8n workflow automation platform enable arbitrary command execution through sandbox escape and unauthenticated expression evaluation, affecting both self-hosted and cloud deployments.
Information security
fromSecurityWeek
3 weeks ago

Critical N8n Vulnerabilities Allowed Server Takeover

Two critical vulnerabilities in n8n allowed unauthenticated remote code execution and sandbox escape, potentially exposing all stored credentials including AWS keys, passwords, OAuth tokens, and API keys.
Information security
fromThe Hacker News
3 weeks ago

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical vulnerabilities in n8n workflow automation platform enable arbitrary command execution through sandbox escape and unauthenticated expression evaluation, affecting both self-hosted and cloud deployments.
more#n8n-vulnerabilities
Information security
fromTheregister
3 weeks ago

CISA says n8n critical bug exploited in real-world attacks

CISA mandates immediate patching of CVE-2025-68613, a critical 9.9-severity remote code execution vulnerability in n8n workflow automation platform affecting over 103,000 users.
Information security
fromThe Hacker News
3 weeks ago

The Zero-Day Scramble is Avoidable: A Guide to Attack Surface Reduction

Teams must reduce unnecessary internet-facing exposure to minimize vulnerability exploitation risk, as time-to-exploit windows are shrinking to hours or minutes.
Information security
fromSecurityWeek
1 month ago

Claude Code Flaws Exposed Developer Devices to Silent Hacking

Check Point researchers discovered critical vulnerabilities in Claude Code that could enable attackers to gain unauthorized control of developer computers through malicious configuration files.
fromBleepingComputer
1 month ago

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team says that the attacker created fake web app projects built with Next.js and disguised them as coding projects to share with developers during job interviews or technical assessments. The researchers initially identified a repository hosted on the Bitbucket cloud-based Git-based code hosting and collaboration service. However, they discovered multiple repositories that shared code structure, loader logic, and naming patterns.
Information security
Information security
fromComputerWeekly.com
1 month ago

Application exploitation back in vogue, says IBM cyber unit | Computer Weekly

Cyber attacks exploiting vulnerable public-facing applications increased 44%, surpassing credential abuse attacks, with AI tools accelerating vulnerability discovery and exploitation.
Information security
fromThe Hacker News
2 months ago

Critical WordPress Modular DS Plugin Flaw Actively Exploited to Gain Admin Access

Unauthenticated privilege escalation in Modular DS (CVE-2026-23550) allows attackers to obtain administrator access and potentially fully compromise WordPress sites prior to version 2.5.2.
#n8n
more#n8n
Information security
fromSecurityWeek
2 months ago

Organizations Warned of Exploited Linux Vulnerabilities

Critical GNU Inetutils telnetd authentication bypass (CVE-2026-24061) enables remote root via crafted Telnet USER variable, and kernel integer overflow (CVE-2018-14634) permits privilege escalation.
Information security
fromDroids On Roids
2 months ago

When ZeroWidth Isn't Zero: How I Found and Fixed a Vulnerability | Blog

Unicode Variation Selectors can inflate UTF-16 storage size while still passing perceived-length checks, enabling payload injection, performance issues, and possible database crashes.
Information security
fromThe Hacker News
2 months ago

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three mcp-server-git vulnerabilities enable prompt-injection attackers to read or delete arbitrary files, execute code, and manipulate repositories unless updated to fixed versions.
[ Load more ]