CSO Online

WhatsApp malware campaign uses malicious VBS files to gain persistent access

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain ...

WhatsApp File, One Click, Full Control: Microsoft Flags Silent Malware Attack Using VBS Scripts

Microsoft warns of a new silent cyberattack spreading through WhatsApp messages with disguised VBS files. The malware hides ...

Claude AI finds Vim, Emacs RCE bugs that trigger on file open

Vulnerabilities in the Vim and GNU Emacs text editors, discovered using simple prompts with the Claude assistant, allow ...
Microsoft

Mitigating the Axios npm supply chain compromise

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Infosecurity Magazine

GitHub Used as Covert Channel in Multi-Stage Malware Campaign

A series of malicious LNK files targeting users in South Korea has been detected using a multi-stage attack chain that uses ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting ...
TweakTown

The most boring protocol on the Internet can now run DOOM, loading from nearly 2,000 text records

DNS text records and a PowerShell script is the latest absurd way someone has managed to get the iconic first-person shooter ...

I knew about North Korean hackers—they still tricked me and got into my computer

A source reached out to me over Telegram. I didn’t realize his account was compromised until it was almost too late.

Are Everest guides running fake rescue scam by poisoning tourists?

Nepal authorities have unearthed a fake rescue scam, where trekking guides are accused of secretly giving baking soda to ...

Karpathy shares 'LLM Knowledge Base' architecture that bypasses RAG with an evolving markdown library maintained by AI

Karpathy proposes something simpler and more loosely, messily elegant than the typical enterprise solution of a vector ...

LinkedIn secretely scans for 6,000+ Chrome extensions, collects data

A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan ...
The Hacker News

Casbaneiro Phishing Targets Latin America and Europe Using Dynamic PDF Lures

Augmented Marauder targets Latin America and Europe since 2020, using dynamic PDF phishing to spread Casbaneiro via Horabot.