The Hacker News

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...
GovInfoSecurity

Malicious Repo Files Could Hijack Claude Code Sessions

Check Point research found three critical flaws in Anthropic's Claude Code that allow attackers to execute arbitrary commands and steal API keys through repository ...
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...
Bleeping Computer

Windows 11 Notepad flaw let files execute silently via Markdown links

If a user opened this Markdown file in Windows 11 Notepad versions 11.2510 and earlier and viewed it in Markdown mode, the above text would appear as a clickable link. If the link is clicked with ...

Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses

An OAuth feature is being abused in the wild to drop malware to people's computers.
InfoWorld

The best new features of C# 14

File-based apps, extension members, nameof improvements, and user-defined compound assignment operators make life easier for C# programmers. You’ll need .NET 10.

Microsoft testing Windows 11 batch file security improvements

Microsoft is rolling out new Windows 11 Insider Preview builds that improve security and performance during batch file or CMD ...

AI Agents Are Quietly Redefining Enterprise Security Risk

AI agents now operate across enterprise systems, creating new risk via prompt injection, plugins, and persistent memory. Here’s how to adapt security.
Design News

How I Built a Universal Push-Button Module Using Claude Code

Explore the future of embedded systems development with Claude Code. Learn how AI tools could deliver high-quality code faster.