The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...
CIO

Living off the Land attacks pose a pernicious threat for enterprises

Attackers aren't breaking into your house; they’re using your own spare key to hide in plain sight. We need to stop assuming ...
SecurityWeek

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Researchers discovered a remote code execution vulnerability and cybercriminals are using its reputation to deliver malware.
Arabian Post

Fake Adobe Reader lure turns remote tool rogue

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...
Cybernews

China-linked hackers shrink ransomware attacks to hours

Chinese hacking group Storm-1175 is compressing ransomware attacks from days into hours by exploiting vulnerabilities before ...
IT-Online

Implementation Developer (C#/PowerShell) (Remote 10 am – 7 pm) – Western Cape Cape Town

SUPPORT the Professional Services team of a global leader in Customer Engagement Tech by building and maintaining document composition solutions and the data-processing programs that power them as ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Microsoft adds Windows protections for malicious Remote Desktop files

Microsoft has introduced new Windows protections to defend against phishing attacks that abuse Remote Desktop connection ...
Dark Reading

AI-Powered 'DeepLoad' Malware Steals Credentials, Evades Detection

Researchers have uncovered a new malware strain capable of stealing credentials immediately after gaining a foothold on a victim network, capturing both stored browser passwords and live keystrokes in ...