Hackers are using fake coding jobs to spread malware through GitHub

The malware at the center of it, dubbed Omnistealer by investigators, uses public blockchains not just for payments, but as ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

GitHub developers targeted by fake VS Code alerts spreading malware

Socket uncovers large-scale GitHub spam campaign abusing “Discussions” notifications Fake advisories with bogus CVEs trick ...

Jewish advocacy presses Ottawa to boost community security spending

Centre for Israel and Jewish Affairs wrote to finance minister ahead of spring economic statement after report warned of possible extremist attack ...
SecurityWeek

Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

A new ClickFix attack that leverages a Nuitka loader targets macOS users with the Python-based Infiniti Stealer malware.

DarkSword leak puts millions of iPhone users at risk

A leaked hacking tool called DarkSword could expose older iPhones and iPads to attacks through malicious links and ...
iHeart on MSN

Millions of iPhone users vulnerable after hacking tool posted online

The tool allows a hacker to steal messages, passwords, photos, location history, and even cryptocurrency wallets.
Indianapolis Business Journal

Iran conflict raises cyberattack risk, experts say

International conflicts in the physical world can lead to a spike in cyberattacks — both on government entities and on ...

Experts warn Claude Chrome extension could let hackers hijack your online browsing

Prompt injection attacks can now be carried out in browser extensions, experts warn.

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the ...
HealthcareInfoSecurity

LiteLLM Hit in Cascading Supply-Chain Attack

Threat group TeamPCP exploited credentials stolen in the Trivy breach to push malicious versions of LiteLLM to PyPI, exposing ...

A major hacking tool has leaked online, putting millions of iPhones at risk. Here’s what you need to know.

Here’s what we know, and what you need to know, about Coruna and DarkSword, two advanced iPhone hacking tools discovered by ...