Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

Judge orders DOJ to either unredact more Epstein files or explain why they must stay blacked out

A judge on Thursday ordered the Justice Department to either release unredacted versions of several files on the late sex offender Jeffrey Epstein or explain why it can't do so.
Tech Times

Stolen Passwords: Europol Seizes 27M Credentials in Infostealer Takedown

Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...

New York City Council candidate is accused of forgery over AI-generated posts

A former New York City Council candidate has been charged with forgery over allegations he used artificial intelligence to post fake endorsements and news articles on social media.

Cloudflare teams up with Chrome, Edge, and Firefox to tackle bot traffic without CAPTCHAs

Cloudflare says it's developing the protocol with Mozilla, Google, Microsoft, and Shopify, with the group planning to submit ...

FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...
PCMag

Streaming With a VPN: Which Services Work, Which Don't, and How to Get Around It

Not all streaming services treat VPNs the same. Here's how major platforms differ, why some VPNs are blocked, and your best ...
The Hacker News

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...
CoinDesk

Ethereum's biggest 'sandwich' bot drained of $7.5 million in ironic exploit

Blockaid said an attacker tricked Jaredfromsubway.eth into approving fake trading routes, then used those approvals to drain ...
Bleeping Computer

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...

The White House said Anthropic’s powerful AI was ‘jailbroken.’ Here’s what that means.

It’s surprisingly simple to trick chatbots into breaking their own rules and spilling forbidden knowledge. Even poems and ...
Security Boulevard

SmartApeSG Launches Okendo Reviews Supply Chain Attack

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...