The Hacker News

DeepLoad Malware Uses ClickFix and WMI Persistence to Steal Browser Credentials

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
The Hacker News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted ...
DataBreachToday

Freight Hacker Wields Code-Signing Service to Evade Defenses

Cargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote ...
Infosecurity Magazine

Researchers Spot Surge in Brute-Force Attacks from Middle East

Security researchers have detected a “sharp rise” in brute-force attempts to hijack SonicWall and Fortinet devices, with the ...

Microsoft removes Support and Recovery Assistant from Windows

Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...
Windows Latest

Windows 11’s Secure Boot 2023 updates are failing across some PCs, exposing a wider firmware problem

Microsoft’s CA-2023 Secure Boot update broke PCs. Learn why UEFI firmware failed, how vendors reacted, and how to fix your boot issues.
Infosecurity Magazine

DeepLoad Malware Combines ClickFix With AI-Generated Code to Avoid Detection

A newly uncovered malware campaign is combining ClickFix delivery with AI generated evasion techniques to steal enterprise user accounts and passwords. The attacks are designed to provide intruders ...
HealthcareInfoSecurity

Breach Roundup: German Police Expose REvil, GandCrab Boss

This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...

Official CPU-Z And HWMonitor Installers Infected With Malware After Site Breach

The CPU-Z And HWMonitor installers being compromised is notable because a user could do everything correctly and still get pwned.
Arabian Post

MSBuild abuse deepens stealth on Windows

MSBuild, a legitimate Microsoft build tool embedded in many Windows and developer environments, is drawing renewed scrutiny after fresh threat research showed how attackers are using it to run ...