The Hacker News

Hackers Exploiting Triofox Flaw to Install Remote Access Tools via Antivirus Feature

"To achieve code execution, the attacker logged in using the newly created Admin account. The attacker uploaded malicious ...

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades is abusing Microsoft Hyper-V in Windows to bypass endpoint detection and response ...

AI-Slop ransomware test sneaks on to VS Code marketplace

A malicious extension with basic ransomware capabilities seemingly created with the help of AI, has been published on Microsoft's official VS Code marketplace.
SecurityWeek

GlassWorm Malware Returns to Open VSX, Emerges on GitHub

The GlassWorm malware has reared its ugly head again in the Open VSX registry, roughly two weeks after being removed.
Infosecurity Magazine

The Serpent in the System: How Threat Actors Turn Legitimate Tools into Weapons

Threat actors are increasingly using trusted, legitimate tools to hide malicious activity, with 84% of high-severity attacks now leveraging LotL ...

ClickFix attacks just got a major upgrade to trick you into infecting your computer with malware — don't fall for this

ClickFix style attacks now includes video tutorials and OS recognition in order to fool victims into downloading malware onto ...

Malicious AI-made extension with ransomware capabilities sneaks on to Microsoft's official VS Code marketplace - so devs beware

A malicious extension was published on Microsoft’s official VS Code marketplace, and was able to remain there for some time gathering downloads and infecting people’s computers.