The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
GitHub

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw!

A patch to finally unlock the best VCD player the SEGA Dreamcast ever saw! - DerekPascarella/DreamMovie-UNLOCKED ...
WinBuzzer

Claude Cowork and Claude Code Can Now Control Your Windows Desktop

Anthropic has expanded Claude's desktop control to Windows in Cowork and Claude Code, adding a Dispatch feature that lets ...
Cyber Defense Magazine

5 Best Practices For Managing Remote Access To Industrial Equipment

There has never been a greater need for secure remote connections to production machinery. Industrial settings are getting ...
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...

Hackers slipped a trojan into the code library behind most of the internet. Your team is probably affected

Attackers stole a long-lived npm token from the lead axios maintainer and published two poisoned versions that drop a ...

Microsoft: Hackers Are Using WhatsApp to Deliver Malware to Windows PCs

Hackers are using WhatsApp messages to deliver malware to Windows PCs, exploiting user trust and attachments to trigger ...
GovInfoSecurity

Backdooring of JavaScript Library Axios Tied to North Korea

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software ...
Microsoft

WhatsApp malware campaign delivers VBScript and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
The Hacker News

Microsoft Warns of WhatsApp-Delivered VBS Malware Hijacking Windows via UAC Bypass

The activity begins with the attackers distributing malicious VBS files via WhatsApp messages that, when executed, create ...
CSO Online

WhatsApp malware campaign uses malicious VBS files to gain persistent access

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain ...