SecurityWeek

Infostealer Malware Delivered in EmEditor Supply Chain Attack

The text and code editing tool EmEditor was targeted in a supply chain attack that resulted in the distribution of ...

Download resources for ImagineFX 261

To download the accompanying files for ImagineFX issue 261, head to this link and click download. Please note: if you have ...

New trove of apparent Epstein files posted on DOJ site disappears

The Justice Department didn’t respond to requests for comment on the new documents or the decision to remove them.
The Hacker News

Cracked Software and YouTube Videos Spread CountLoader and GachiLoader Malware

Researchers uncover malware campaigns using cracked software and compromised YouTube videos to deliver CountLoader, ...

WebRAT malware spread via fake vulnerability exploits on GitHub

The WebRAT malware is now being distributed through GitHub repositories that claim to host proof-of-concept exploits for ...

This ad-free Facebook app made my feed enjoyable again for the first time in years

The Nobook app works as a wrapper around the Facebook website, so it's almost like opening the Facebook URL in your default browser. By doing it this way, the app is able to block the things you don't ...
WeLiveSecurity

LongNosedGoblin tries to sniff out governmental affairs in Southeast Asia and Japan

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...

Notepad++ users urged to update immediately after hackers hijack the app's updater

The developers of Notepad++ recently discovered an actively exploited vulnerability that enabled hackers to hijack the popular editor's automatic updater. Version 8.8.9 addresses the issue, but ...
TechJuice

Cyber Threat Group Blind Eagle Launches Sophisticated Malware Attacks

Blind Eagle launches new multi-stage malware attacks via spear-phishing to compromise systems and deploy memory-resident ...
The Hacker News

Fake WhatsApp API Package on npm Steals Messages, Contacts, and Login Tokens

A malicious npm package posing as a WhatsApp API intercepts messages, steals credentials, and links attacker devices after 56 ...

From PDFs to patterns: Uncovering anomalies in Tamil Nadu SIR data

The Hindu’s Data Team recently published an article detailing discrepancies in voter deletions across polling booths in Tamil ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.