The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account

The maker of the popular open-source file encryption software VeraCrypt said Microsoft locked his online account, which may ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

New ‘LucidRook’ malware used in targeted attacks on NGOs, universities

A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...

New Password Stealer Bypasses 2FA—Chrome, Edge And Firefox Targeted

This new Storm attack platform can exfiltrate passwords and session data, enabling 2FA bypass. Google Chrome, Microsoft Edge ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Davey Winder

Davey Winder is a technology journalist who covers cybersecurity news and research. He’s covered everything from the 16 ...
PCMag

Microsoft Mysteriously Freezes Accounts for VeraCrypt, WireGuard, Windscribe

I cannot sign drivers, which means I cannot ship updates for WireGuard for Windows,' the creator of the VPN protocol says. On ...
WinBuzzer

Windows Zero-Day Published on Github as Microsoft Fails to Act

A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...