The Hacker News

UAT-10362 Targets Taiwanese NGOs with LucidRook Malware in Spear-Phishing Campaigns

UAT-10362 spear-phishing targets Taiwanese NGOs in October 2025, deploying LucidRook malware for data exfiltration and ...
The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Microsoft says new Windows Recall bypass isn't a vulnerability

Now, Hagenah has again found what he sees as a new vulnerability in Recall, which he said allows full content extraction from ...
ZAWYA

Kaspersky reports 2025 financial results, driving revenue to $836 mln

Kaspersky posted positive sales results that grew by 4%* year-on-year (YoY) and approached USD 836** million in 2025. This ...
Silicon Canals

Mikko Hyppönen says the age of viruses is over — now he’s building defences against drones

Mikko Hyppönen, one of cybersecurity's most recognizable figures, has spent decades analysing malware. Now he's applying ...
The Next Web

Meta freezes AI data work after breach puts training secrets at risk

Meta has indefinitely paused work with $10B AI data startup Mercor after a LiteLLM supply chain attack exposed training ...

New Phishing Attack Turns n8n Into On-Demand Malware Machine

Hackers are abusing n8n workflows to deliver malware and evade detection, according to Cisco Talos, using trusted automation ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

CPUID hacked to deliver malware via CPU-Z, HWMonitor downloads

Hackers gained access to an API for the CPUID project and changed the download links on the official website to serve ...
TechCrunch

North Korean hackers blamed for hijacking popular Axios open source project to spread malware

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On ...
CSOonline

New ‘StoatWaffle’ malware auto‑executes attacks on developers

The newly observed malware abuses VS Code’s “runOn:folderOpen” feature to execute automatically from trusted projects, enabling near-frictionless compromise. A newly disclosed malware strain dubbed ...