New Linux botnet SSHStalker uses old-school IRC for C2 comms

A newly documented Linux botnet named SSHStalker is using the IRC (Internet Relay Chat) communication protocol for command-and-control (C2) operations.
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
XDA Developers on MSN

3 services I stopped self-hosting in 2025, and what I'm doing this year instead

Some services are better left to the professionals.
Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.
Que.com on MSN

China-linked Lotus Blossom breaches Notepad++ hosting, spreads malware

A recent supply-chain-style intrusion has put a spotlight on a familiar truth in cybersecurity: attackers don’t always need to hack ...