News

Popular npm linter packages hijacked via phishing to drop malware
Popular JavaScript libraries eslint-config-prettier and eslint-plugin-prettier were hijacked this week and turned into ...
The Hacker News21h
Ivanti Zero-Days Exploited to Drop MDifyLoader and Launch In-Memory Cobalt Strike Attacks
CVE-2025-0282 is a critical security flaw in ICS that could permit unauthenticated remote code execution. It was addressed by Ivanti in early January 2025. CVE-2025-22457, patched in April 2025, ...
WeLiveSecurity4d
Unmasking AsyncRAT: Navigating the labyrinth of forks
AsyncRAT has cemented its place as a cornerstone of modern malware and as a pervasive threat that has evolved into a ...
Computing2d
Kaspersky identifies new backdoor targeting Microsoft Exchange servers
Kaspersky researchers have uncovered a new backdoor based on open-source tools, dubbed GhostContainer. It leverages ...
The Hacker News4d
New PHP-Based Interlock RAT Variant Uses FileFix Delivery Mechanism to Target Multiple Industries
The JavaScript code acts as a traffic distribution system (TDS), using IP filtering techniques to redirect users to fake ...
TechBooky1d
Hackers use Microsoft Teams to spread Matanbuchus malware
Morphisec said on Wednesday that a new version of the Matanbuchus malware loader is being distributed by phishing through ...