Do fear the Reaper - stealer swipes macOS users' passwords, wallets, then backdoors them

A new infostealer variant targets macOS users by spoofing Apple, Microsoft, and Google and then then gets to work searching ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
Morning Overview on MSN

An LLM agent just cracked a public network and drained a whole cloud database in under two ...

Sometime in early 2026, an autonomous AI agent connected to a public-facing WebSocket endpoint, received a full interactive shell without entering a single credential, and used that access to extract ...

Fake CAPTCHA scam can hack your computer

Fake CAPTCHA scams trick users into opening command windows and pasting malicious scripts, installing StealC malware that ...
Dark Reading

Stealer Spoofs Google, Microsoft & Apple, Then Backdoors macOS

SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to ...
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...
PCMag on MSN

Kash Patel's apparel site is trying to trick visitors into installing malware

The FBI director's Based Apparel site has been spotted hosting a 'ClickFix' attack, which involves duping users into running ...

Amazon wants you to throw away your old Kindle. Here's why I jailbroke mine instead

Amazon just turned a lot of old Kindles into paperweights. If you have one, here's why you should jailbreak it.

SHub macOS infostealer variant spoofs Apple security updates

A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor ...
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Space.com

'For All Mankind' spin-off 'Star City' will make you want to know more about the Soviet ...

Stories of NASA and Apollo have passed into folklore, but the equivalent stories from the other side of the Iron Curtain have ...

Iran rebuilding military industrial base faster than expected, already producing drones, according to US intel

CNN’s Zachary Cohen joins CNN News Central with his reporting with Natasha Bertrand on Iran’s effort to rebuild its military ...