The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...
OSTechNix

20 Vim Tricks That Will Change How You Edit

Stop editing at 10% of Vim's power. Master registers, :norm, fuzzy completion, linematch diff, and 16 more Vim tricks. Tested ...
PC Magazine

RIP Microsoft Publisher. Switch to These Alternatives Before It Disappears This Fall

RIP Microsoft Publisher. Switch to These Alternatives Before It Disappears This Fall Microsoft Publisher is going away for good in a few short months, so you need to find an alternative sooner rather ...