The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
来自MSN

Automating my entire Windows workflow with PowerShell scripts saves me hours every week

At some point, I noticed I was repeating the same routine every week. None of the stuff I was doing was difficult, but it was a collection of small chores that kept interrupting real work. I'd have to ...
Arabian Post

GitHub shortcut ruse hits South Korean networks

Earlier variants used simple obfuscation to hide GitHub addresses and access tokens, while later samples shifted to decoding routines inside the shortcut arguments, suggesting the operators have ...

Hackers compromise Axios npm package to drop cross-platform malware

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
iHLS Israel Homeland Security

Trusted Apps, Hidden Threats: AI-Powered Malware on the Rise

Cybercriminals are increasingly prioritizing speed and scalability over technical sophistication. Rather than crafting highly ...
The Hacker News

⚡ Weekly Recap: Axios Hack, Chrome 0-Day, Fortinet Exploits, Paragon Spyware and More

Phishing surge, LinkedIn tracking claims, spyware use, and rising stealers expose growing abuse of trusted systems.
CSO Online

6 ways attackers abuse AI services to hack your business

As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...
Cybernews

Critical compromise: Axios NPM library with 100M weekly downloads is delivering malware

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
Computing

“You are competing not to be chosen by cybercriminals”

Organisations can make themselves tougher targets for cybercriminals by adopting proactive, default-deny security framework, ...
Bleeping Computer

TeamPCP deploys Iran-targeted wiper in Kubernetes attacks

The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. The threat actor is responsible for the recent ...
The News International

Cybercriminals use AI to access government systems

Cybercriminals used AI chatbots to execute a large-scale digital attack which resulted in the theft of personal information that belonged to almost 195 million Mexican taxpayers from government ...