Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
CSOonline

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command-and-control to evade detection. DPRK-linked threat actors are preferring stealth over ...
Bleeping Computer

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...
WeLiveSecurity

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as a chat platform that allows ...
Bitdefender

Fake Leonardo DiCaprio Movie Torrent Drops Agent Tesla Through Layered PowerShell Chain

After noticing a spike in detections involving what looked like a movie torrent for One Battle After Another, Bitdefender researchers started an investigation and discovered that it was a complex ...
Dark Reading

AI Bolsters Python Variant of Brazilian WhatsApp Attacks

Attackers behind a self-propagating malware campaign targeting Brazilian financial institutions have accelerated and upgraded their malicious activity, using artificial intelligence (AI) to spawn a ...
maketecheasier.com

Why LNK Files in Windows Are a Major Security Vulnerability and How to Stay Safe

Year after year, LNK files are exploited in malware attacks, mainly because a core vulnerability hides malicious content from users. Microsoft has not yet fixed the flaw, so we must be cautious when ...
makeuseof

Windows 11 is removing PowerShell 2.0, but you won’t miss it

After joining MUO in 2014 and earning a degree in Computer Information Systems, Ben left his IT job to go full-time with the site in 2016. He joined the editorial team in 2017 and has climbed the ...
Analytics Insight

Top Programming Languages for Hacking in 2025

Python remains the most versatile language for scripting and automation in ethical hacking. C and C++ are essential for low-level memory manipulation and reverse engineering. JavaScript and SQL are ...
cybernews

Should you disable PowerShell and Command Prompt? Experts weigh in

Fake CAPTCHAs, malicious software update prompts or error messages, phishing emails, and other deceptive social engineering schemes increasingly rely on tricking ...