The Hacker News

Russian CTRL Toolkit Delivered via Malicious LNK Files Hijacks RDP via FRP Tunnels

Russian CTRL toolkit spread via malicious LNK files in February 2026, routing C2 through FRP-tunneled RDP to evade detection.
Dark Reading

Venom Stealer MaaS Platform Commoditizes ClickFix Attacks

A new service on the cybercrime market provides automated capabilities to create persistent information-stealing social ...
Gadget Review on MSN

Hackers turn "I'm not a robot" tests into malware trap scams – here's how

Hackers weaponize CAPTCHA tests to install malware that steals browser passwords and cryptocurrency wallets through fake ...

Here’s How to Encrypt Your Whole External Backup Drive to Keep Your Files Safe

Locking down individual files is great, but a blanket encryption will prevent anyone from getting their paws on your files.
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
CSO Online

Attackers trojanize Axios HTTP library in highest-impact npm supply chain attack

With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how ...