Blue Headlineq

30 WordPress Plugins Bought and Backdoored: The 2026 Supply Chain Attack Explained

A 2026 WordPress supply-chain attack allegedly turned 30+ sold plugins into a dormant backdoor operation that hid SEO spam from site owners, persisted beyond a forced update, and exposed deep ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...
The Hacker News

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Backdoored Smart Slider 3 Pro v3.5.1.35 update distributed for 6 hours via compromised infrastructure, enabling RCE and data ...

Dremio Deepens Apache Iceberg Leadership with V3 Support

Dremio, the Agentic Lakehouse company, today announced Apache Iceberg V3 support is now available in Dremio Cloud.

Leapwork announces continuous validation platform for software quality

The Leapwork Platform covers the full software quality life cycle: functional automation, performance testing and AI-native ...