New VENOM phishing attacks steal senior executives' Microsoft logins

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...
The Hacker News

China-Linked TA416 Targets European Governments with PlugX and OAuth-Based Phishing

TA416 targeted European governments from mid-2025 using PlugX and OAuth abuse, enabling cyber espionage against EU and NATO ...

Earth's microbes may hide a near-universal plastic-eating arsenal, with 600,000 proteins poised to attack waste

Researchers have identified more than 600,000 microbial proteins capable of breaking down natural and synthetic plastics, ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
The Robot Report

Transitive Robotics announces Transitive 2.0 open-source robotics framework

Transitive 2.0 adds ClickHouse, Grafana, and Alertmanager, offering advanced storage and monitoring to help scale growing ...
GovInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.
The Hacker News

Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

Cookie-gated PHP web shells enable persistent Linux RCE via cron-based re-creation, reducing detection in routine traffic ...

What marketers get wrong about A/B testing

Traditional A/B testing splits traffic uniformly: 50 percent to control, 50 percent to variant. That’s a sensible design when ...