Chinese Mustang Panda hackers deploy infostealers via CoolClient backdoor

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
Decrypt

North Korea–Linked Hackers Use Deepfake Video Calls to Target Crypto Workers

Hackers are using AI-generated video calls to impersonate trusted contacts and trick crypto workers into installing malware.
Hackaday

Astronomy Live On Twitch

Although there are a few hobbies that have low-cost entry points, amateur astronomy is not generally among them. A tabletop Dobsonian might cost a few hundred dollars, and that is just the entry ...
Dark Reading

DPRK's Konni Targets Blockchain Developers With AI-Generated Backdoor

The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target ...
Cybernews

Pentest tools left online are allowing hackers to exploit Fortune 500 firms

Hackers are exploiting intentionally vulnerable penetration testing and security training apps that have been mistakenly exposed to the public internet, giving them access to cloud environments ...
eWeek

Affleck, Damon Torch ChatGPT Screenplay Dreams

Ben Affleck and Matt Damon used a pit stop on "The Joe Rogan Experience" to torch the idea that ChatGPT could pen the next blockbuster. Affleck ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
eWeek

Google's 'Personal Intelligence' Is Here to Read Your Diary

Hillman highlights Teradata’s interoperability with AWS, Python-in-SQL, minimal data movement, open table formats, feature stores, and “bring your own […] In this episode of eSpeaks, host Corey Noles ...
The Hacker News

PLUGGYAPE Malware Uses Signal and WhatsApp to Target Ukrainian Defense Forces

CERT-UA reports PLUGGYAPE malware attacks targeting Ukrainian defense forces via Signal and WhatsApp, using phishing links ...