Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Hacker News

36 Malicious npm Packages Exploited Redis, PostgreSQL to Deploy Persistent Implants

Strapi plugins exploit Redis and PostgreSQL via postinstall scripts, enabling persistent access and data theft.
OSTechNix

EmDash: The Secure, Fast TypeScript Successor to WordPress

EmDash is an open-source CMS built on Astro and Cloudflare. Featuring sandboxed plugins, AI-native tools, and 66% faster ...