Microsoft

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
note

Visualizing the Shop Floor: In-House Production Management Board Built with Excel and Python Flask

This is a memo regarding a production management board I built for internal use. We are always running multiple projects simultaneously, not just the immediate ones, but also future ones with flexible ...
makeuseof

Bitwarden is great, but I switched to this better password manager and I control everything now

Aggy is a writer and editor who has worked for many high-traffic digital publications. He's a technology and gaming fanboy who has been a writer, editor, consultant, and computer animator. Most people ...
CSOonline

Fake Claude Code takes the IElevator to your browser secrets

Attackers are using fake Claude Code installers to deploy malware that abuses Chrome’s IElevator interface to steal protected browser data. Developers looking for Anthropic’s increasingly popular ...
theregister

Cookie thieves caught stealing dev secrets via fake Claude Code installers

An ongoing campaign steals developers’ secrets via fake Claude Code installers and other popular coding tools, according to Ontinue’s security researchers. The payload is unique, and doesn’t match up ...
Infosecurity-magazine.com

Fake Claude Code Page Pushes PowerShell Stealer at Devs

A previously undocumented information stealer has been distributed through fake Claude Code installation pages, hijacking Chromium browsers to bypass App-Bound Encryption and exfiltrate cookies, ...
The Hacker News

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

Cybersecurity researchers have disclosed details of an intrusion that involved the use of a CloudZ remote access tool (RAT) and a previous undocumented plugin dubbed Pheno with the aim of facilitating ...
ZDNet

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026. Follow our practices to protect yourself from the CloudZ Trojan. Cisco Talos ...
The Hacker News

SAP-Related npm Packages Compromised in Credential-Stealing Supply Chain Attack

Cybersecurity researchers are sounding the alarm about a new supply chain attack campaign targeting SAP-related npm Packages with credential-stealing malware. mbt@1.2.48 @cap-js/db-service@2.10.1 @cap ...
GitHub

Agent Long-Term Memory Bank using SQLite and FTS5.

Lorekeeper is a Rust MCP (Model Context Protocol) server that provides structured long-term memory for AI coding agents (operating under the TARS protocol or similar workflows). It replaces flat-file ...
WeLiveSecurity

MuddyWater: Snakes by the riverbank

ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is ...