The Hacker News

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
The Hacker News

Fake Tech Support Spam Deploys Customized Havoc C2 Across Organizations

Fake IT support calls delivered Havoc C2, enabling credential theft, lateral movement, and ransomware prep across five ...

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

4 Unexpected Uses For Your Old Nintendo Wii Remotes

Those old Wii Remotes you have collecting dust still have life left in them. With a little creativity, you can use them in ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
SecurityWeek

‘Arkanix Stealer’ Malware Disappears Shortly After Debut

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...
Dark Reading

Malicious Next.js Repos Target Developers Via Fake Job Interviews

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

CISA warns that RESURGE malware can be dormant on Ivanti devices

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Why encrypted backups may fail in an AI-driven ransomware era

Why encrypted backups may fail in an AI-driven ransomware era ...
Infosecurity Magazine

Iranian Cyber Threat Actor Targets Iraqi Government Officials in AI-Powered Campaign

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign ...

‘Resurge’ malware can remain undetected on devices

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...