The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

Developer of VeraCrypt encryption software says Windows users may face boot-up issues after Microsoft locked his account

The maker of the popular open-source file encryption software VeraCrypt said Microsoft locked his online account, which may ...
CSO Online

North Korean hackers abuse LNKs and GitHub repos in ongoing campaign

The multi-stage campaign targeting South Korea uses weaponized Windows shortcuts and GitHub-based command and control to ...

New ‘LucidRook’ malware used in targeted attacks on NGOs, universities

A new Lua-based malware, called LucidRook, is being used in spear-phishing campaigns targeting non-governmental organizations ...

Hackers exploit React2Shell in automated credential theft campaign

Hackers are running a large-scale campaign to steal credentials in an automated way after exploiting React2Shell ...

Security News This Week: Hackers Are Posting the Claude Code Leak With Bonus Malware

Plus: The FBI says a recent hack of its wiretap tools poses a national security risk, attackers stole Cisco source code as ...
Microsoft

Inside an AI‑enabled device code phishing campaign

A new wave of device code phishing shows how threat actors are scaling account compromise using AI and end‑to‑end automation.

Davey Winder

Davey Winder is a technology journalist who covers cybersecurity news and research. He’s covered everything from the 16 ...
PCMag

Microsoft Mysteriously Freezes Accounts for VeraCrypt, WireGuard, Windscribe

I cannot sign drivers, which means I cannot ship updates for WireGuard for Windows,' the creator of the VPN protocol says. On ...
WinBuzzer

Windows Zero-Day Published on Github as Microsoft Fails to Act

A researcher has published a Windows zero-day exploit called BlueHammer on GitHub after Microsoft's Security Response Center ...