Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
Dark Reading

Bad Memories Still Haunt AI Agents

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...
Bleeping Computer

Fake VS Code alerts on GitHub spread malware to developers

A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading ...

Another spyware maker caught distributing fake Android snooping apps

Researchers have found a new case where government authorities used a fake Android app to plant spyware on a target’s phone.
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Android

Hackers Turned Anthropic's Claude Code Leak into a Malware Lure

Hackers are exploiting a recent accidental source code leak from Anthropic to spread Vidar infostealer malware via fake GitHub repositories. These malicious sites have even managed to appear in top ...
CNET on MSN

YouTube's AI Deepfake Detector Now Lets Any Celebrity Take Down Infringing Videos

YouTube's AI Deepfake Detector Now Lets Any Celebrity Take Down Infringing Videos ...