The Hacker News

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Researchers uncover malware campaigns using cracked software and compromised YouTube videos to deliver CountLoader, ...
Infosecurity Magazine

ClickFix Social Engineering Sparks Rise of CastleLoader Attacks

A new malware campaign has been identified using a Python-based delivery system to deploy CastleLoader malware ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...
The Hacker News

NANOREMOTE Malware Uses Google Drive API for Hidden Control on Windows Systems

Written in C++, NANOREMOTE is equipped to perform reconnaissance, execute files and commands, and transfer files to and from ...
Space.com on MSN

NASA spacecraft were vulnerable to hacking for 3 years and nobody knew. AI found and fixed the flaw in 4 days

"A vulnerability in this software poses a threat to billions of dollars in space infrastructure and the scientific missions ...

Sonicwall warns of new SMA1000 zero-day exploited in attacks

SonicWall warned customers today to patch a vulnerability in the SonicWall SMA1000 Appliance Management Console (AMC) that ...

New critical WatchGuard Firebox firewall flaw exploited in attacks

WatchGuard has warned customers to patch a critical, actively exploited remote code execution (RCE) vulnerability in its ...
SecurityWeek

UEFI Vulnerability in Major Motherboards Enables Early-Boot Attacks

Motherboards from several major vendors are affected by a vulnerability that can allow a threat actor to conduct early-boot ...
SecurityWeek

Wide Range of Malware Delivered in React2Shell Attacks

Security firms have seen cryptocurrency miners, Linux backdoors, botnet malware, and post-exploitation implants in ...
CSO Online

Microsoft flips security script: ‘In scope by default’ makes all vulnerabilities fair game for bug bounties

The company’s new approach is that anything touching Microsoft services is eligible for a bug bounty, regardless of its ...