The Hacker News
@thehackernews
�� Attackers are using HTTP cookies to control PHP web shells on Linux servers.
Malware stays inactive and runs only when specific cookie values are sent, blending into normal traffic. Cron jobs can also recreate it for persistence.
�� How cookie-triggered web shells evade detection → https://thehackernews.com/2026/04/microsoft-details-cookie-controlled-php.html
Malware stays inactive and runs only when specific cookie values are sent, blending into normal traffic. Cron jobs can also recreate it for persistence.
�� How cookie-triggered web shells evade detection → https://thehackernews.com/2026/04/microsoft-details-cookie-controlled-php.html
🔥 19
😁 8
42 10.4K
Обсуждение 0
Обсуждение не доступно в веб-версии. Чтобы написать комментарий, перейдите в приложение Telegram.
Обсудить в Telegram