The Hacker News

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

"The C2 hosts a web-based graphical user interface (GUI) titled 'NEXUS Listener' that can be used to view stolen information ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

13-year-old bug in ActiveMQ lets hackers remotely execute commands

Security researchers discovered a remote code execution (RCE) vulnerability in Apache ActiveMQ Classic that has gone ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...
CoinDesk

Coinbase’s AI payments system joins Linux Foundation, gathers support from Google, Stripe, AWS and others

The Coinbase-engineered agentic commerce protocol x402 has garnered support from a long list of big names like Google, ...
Crypto News

Coinbase & Linux Foundation Debut X402: HTTP-Native Crypto Payment Standard

The collaboration of Coinbase & Linux in the X402 Foundation, redefining online payments with open-source protocols.
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.