Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
PC Gamer

'The most boring protocol on the internet is also, quietly, one of the most abusable': Doom has been broken down into 1,964 DNS text records and can be run via a PowerShell script

For the quickest way to join, simply enter your email below and get access. We will send a confirmation and sign you up to our newsletter to keep you updated on all your gaming news.
makeuseof

I stopped using browser bookmarks because this self-hosted tool organizes everything for me

Yasir is a Mechanical Engineer who writes about tech at MUO, covering Windows, Productivity, Security, and the Internet. His interest in autonomous systems keeps him constantly tinkering with both ...
WeLiveSecurity

Love? Actually: Fake dating app used as lure in targeted spyware campaign in Pakistan

ESET researchers have uncovered an Android spyware campaign leveraging romance scam tactics to target individuals in Pakistan. The campaign uses a malicious app posing as a chat platform that allows ...
The Hacker News

New Malware Campaign Delivers Remcos RAT Through Multi-Stage Windows Attack

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool ...
Bitdefender

Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds

This research from Bitdefender Labs details a cluster of malicious activity we've been tracking since mid-2024. It uncovers a new threat actor group we’ve named Curly COMrades, operating to support ...
GitHub

Execute PowerShell scripts or commands silently with no console window

QuietShell is a command-line application for headless PowerShell execution supporting both in-process runspaces and out-of-process execution models. QuietShell eliminates console window visibility ...
The Hacker News

FIN7, FIN8, and Others Use Ragnar Loader for Persistent Access and Ransomware Operations

Threat hunters have shed light on a "sophisticated and evolving malware toolkit" called Ragnar Loader that's used by various cybercrime and ransomware groups like Ragnar Locker (aka Monstrous Mantis), ...
GitHub

PowerShell Encoded Commands Tool

The PowerShell Encoded Commands Tool is a web-based utility designed to simplify the encoding and decoding of PowerShell commands using the EncodedCommand technique. This technique involves converting ...
LinkedIn

How Hackers Take Over Computers & Systems With Reverse Shells

Cybersecurity threats continue to evolve, and one of the most dangerous techniques used by hackers is the reverse shell. This method allows attackers to gain remote control over a victim’s machine, ...