W3 Total Cache WordPress plugin vulnerable to PHP command injection

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
Security Boulevard

Shai-Hulud: The Second Coming

While the September 2025 Shai-Hulud attack focused primarily on credential harvesting and self-propagation, this new variant ...
The Register on MSN

PHP 8.5 lays down long-awaited pipe operator, adds new URI tools

Unfashionable web workhorse refreshed for its ongoing run PHP 8.5 landed on Thursday with a long-awaited pipe operator and a ...
Center for American ProgressOpinion

6 Ways States Can Protect Vaccine Access While the Trump Administration Dismantles the Federal System

As the federal government dismantles the country’s vaccine infrastructure, the burden of ensuring access to vaccines for flu, ...