Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Parallels RAS Expands Virtual Desktop Flexibility with New Hypervisor-Agnostic Custom Provider Framework

Parallels, a leading global provider in virtualization and end-user computing (EUC) solutions, today announced a significant update to Parallels RAS (Remote Application Server), introducing a new ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
Bitdefender

Windsurf IDE Extension Drops Malware via Solana Blockchain

Bitdefender researchers have discovered a malicious Windsurf IDE (integrated development environment) extension that deploys a multi-stage NodeJS stealer by using the Solana blockchain as the payload ...
TechRepublic

Chrome Extension Hijacked to Deliver Malware, Steal Crypto Wallets

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases. A once-trusted Chrome extension with thousands of ...
Bleeping Computer

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was compromised to push malware and attempt to steal crypto from thousands of ...
GitHub

SailPoint IdentityNow PowerShell Module

A PowerShell Module enabling simple methods for accessing the SailPoint IdentityNow REST API's. This PowerShell Module has been written to fulfil my colleagues IdentityNow automation needs. It is ...
WeLiveSecurity

MuddyWater: Snakes by the riverbank

ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is ...
Beebom

How to Customize Windows Terminal Like a Pro

For developers or anyone who uses Windows Terminal to interact with the shell, be it PowerShell or WSL, this tutorial is going to help you customize the Terminal, which will soon be the default ...
WeLiveSecurity

Gamaredon X Turla collab

In February 2025, we discovered that the Gamaredon tool PteroGraphin was used to restart Turla’s Kazuar backdoor on a machine in Ukraine. In April and June 2025, we detected that Kazuar v2 was ...