The Hacker News

Researchers Uncover Pre-Stuxnet ‘fast16’ Malware Targeting Engineering Software

Fast16 malware from 2005 predates Stuxnet by five years, targeting engineering software to sabotage calculations and reshape ...
SecurityWeek

Pre-Stuxnet Sabotage Malware ‘Fast16’ Linked to US-Iran Cyber Tensions

The Fast16 sabotage malware targeted high-precision computing workloads and could propagate through entire facilities.
TalkAndroid

Warning: This WhatsApp file can secretly give hackers full control of your PC—here’s how the attack works

Think twice before opening unexpected WhatsApp attachments—a new kind of malware attack has let hackers seize control of ...
The Hacker News

Mustang Panda’s New LOTUSLITE Variant Targets India Banks, South Korea Policy Circles

Updated LOTUSLITE targets India banking sector via CHM and DLL side-loading, expanding espionage campaign to South Korea and ...
Windows Latest

Microsoft confirms Windows 11 speed boost for May with faster clipboard, startup apps, Explorer, and more

Microsoft is preparing a major Windows 11 reliability update for May 2026 with improvements across File Explorer, ...
Dark Reading

Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets

The Chinese state-sponsored cyber threat is known for moving fast and trying odd attack vectors; now it's branching out in ...
Security Boulevard

Tropic Trooper Pivots to AdaptixC2 and Custom Beacon Listener

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...

North Korea targets macOS users in latest heist

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...

Payouts King ransomware uses QEMU VMs to bypass endpoint security

The Payouts King ransomware is using the QEMU emulator as a reverse SSH backdoor to run hidden virtual machines on ...

A Claude code plugin in an afternoon: What I learned

Plugins for AI coding tools sound like complex infrastructure. In practice, Markdown files and an HTTP API are sufficient.
Arabian Post

Fake Adobe Reader lure turns remote tool rogue

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...