Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers

6 hours ago [email protected] (The Hacker News)
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers


Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, according to findings from the Microsoft Defender Security Research Team.
“Instead of exposing command execution through URL parameters or request bodies, these web shells rely on threat actor-supplied cookie values to gate execution,

The post “Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers” appeared first on The Hacker News

Source:The Hacker News – [email protected] (The Hacker News)

Tags: , , ,

More Stories

Hackers Exploit CVE-2025-55182 to Breach 766 Next.js Hosts, Steal Credentials

1 day ago [email protected] (The Hacker News)

Cisco Patches 9.8 CVSS IMC and SSM Flaws Allowing Remote System Compromise

1 day ago [email protected] (The Hacker News)

The State of Trusted Open Source Report

1 day ago [email protected] (The Hacker News)

Apple Expands iOS 18.7.7 Update to More Devices to Block DarkSword Exploit

2 days ago [email protected] (The Hacker News)

New Chrome Zero-Day CVE-2026-5281 Under Active Exploitation — Patch Released

2 days ago [email protected] (The Hacker News)

TrueConf Zero-Day Exploited in Attacks on Southeast Asian Government Networks

3 days ago [email protected] (The Hacker News)