Hackers abuse Google ads, Claude.ai chats to push Mac malware

Attackers are abusing Google Ads and legitimate Claude.ai shared chats in an active malvertising campaign. Users searching ...
Microsoft

ClickFix campaign uses fake macOS utilities lures to deliver infostealers

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.

Ars Asks: Share your shell and show us your tricked-out terminals!

Exposure therapy to the bash shell brought me to the tipping point, and I jumped ship to the Macintosh side of the house. It ...
WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Security Boulevard

Local Guardrails for Secrets Security in the Age of AI Coding Assistants

Modern developer environments expose sensitive context across files, prompts, logs, and commands. Learn how layered local ...
Hackaday

The ESP8266 Gets An OS, And It’s Familiar

A couple weeks back we brought you news of KernelUNO, a command line shell and very simple operating system for the Arduino Uno. It’s a neat idea, so it’s hardly surprising to see someone port it to ...

'PCPJack' cloud worm hijacks TeamPCP hacker infrastructure

Named PCPJack, the framework was discovered on April 28 by a hunting rule on Google's VirusTotal malware scanning service ...
The Hacker News

New Linux PamDOORa Backdoor Uses PAM Modules to Steal SSH Credentials

PamDOORa Linux backdoor abuses PAM modules for SSH persistence and credential theft, increasing Linux server compromise risks ...
SecurityWeek

Sophisticated Quasar Linux RAT Targets Software Developers

Dubbed Quasar Linux (QLNX), the RAT has a modular architecture, uses multiple persistence and detection evasion mechanisms, ...
BeInCryptoOpinion

Vibe Coding Will Separate Winning Exchanges From the Rest

Vibe coding is the solution to this gap. Solo builders can now ship yield aggregators, trading bots, and dashboards in days, ...
The Hacker News

ScarCruft Hacks Gaming Platform to Deploy BirdCall Malware on Android and Windows

ScarCruft spreads BirdCall via sqgame.net since late 2024, targeting Android users, enabling surveillance and data theft.