The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
MUO on MSN

I found PowerShell's pipeline does what batch files can't and I stopped using CMD

A single pipeline replaced fourteen lines and I never looked back.

Urgent Windows warning issued and don't ignore it if you use Microsoft Office

An urgent alert has been issued to millions of Windows users after the discovery of a new scam that offers Office and Spotify ...
Dark Reading

Fileless Phantom Stealer Targets Browser Credentials

In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.

That free Spotify tutorial stole your passwords. Here’s what to do.

Criminals are running polished fake tutorial videos on social media promising free Spotify Premium, Microsoft Office and ...

Windows Subsystem for Linux gives developers a compelling reason to stick with Microsoft - here's why

WSL 3 makes staying on Windows easier, especially for developers building or running Linux-based AI, container, or dev ...
Dark Reading

'Lorem Ipsum' Malware Pivots to ClickFix Delivery

New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.

Short Videos Can Now be Used to Steal Your Passwords

A new report from ReversingLabs has warned users about short-form videos on platforms such as TikTok and Instagram Reels that ...
Android

Hackers Use Fake Spotify Premium Videos on TikTok to Spread Malware

A new report warns users that hackers are using TikTok and Instagram short-form videos to target victims. They’re leveraging fake free Spotify Premium, Windows, Microsoft Office, and Adobe videos for ...