WeLiveSecurity

A rigged game: ScarCruft compromises gaming platform in a supply-chain attack

ESET researchers have investigated an ongoing attack by the ScarCruft APT group that targets the Yanbian region via ...
SecurityWeek

UNC6692 Uses Email Bombing, Social Engineering to Deploy ‘Snow’ Malware

UNC6692 relies on email bombing and social engineering to infect victims with Snow malware: Snowbelt, Snowglaze, and ...

Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage attack works and how to stay safe.
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
TheServerSide

Run Llama LLMs on your laptop with Hugging Face and Python

There are numerous ways to run large language models such as DeepSeek, Claude or Meta's Llama locally on your laptop, including Ollama and Modular's Max platform. But if you want to fully control the ...

One tool call to rule them all? New open source Python tool Runpod Flash eliminates containers for faster AI dev

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential ...

New Global Scam Uses Fake Meeting Links to Run PowerShell Malware

BlueNoroff hackers used fake Zoom calls, ClickFix prompts, and fileless PowerShell malware to steal credentials from Web3 and ...

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026.  Follow ...
CSOonline

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic Stealer. ClickFix malware campaigns are evolving again, with threat actors ...
CSO Online

Stealthy malware abuses Microsoft Phone Link to siphon SMS OTPs from enterprise PCs

A previously undocumented .NET trojan and its companion Pheno plugin allow attackers to capture mobile authentication codes ...
TechRadar

'This is not your typical run-of-the-mill malware': CPUID download page hacked and tools replaced with links to malicious files

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. CPUID.com briefly compromised to serve malware Tainted downloads used DLL sideloading with ...
Los Angeles Times

Feds bust family-run drug business with links to Mexican cartel, prosecutors say

This is read by an automated voice. Please report any issues or inconsistencies here. Federal authorities arrested four members of a Southern California family trafficking fentanyl, methamphetamine ...