Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
The Hacker News

New OXLOADER Loader Uses Malicious Google Ads to Deliver CastleStealer

Researchers detail REF8372, a malvertising campaign using fake Node.js ads, Storj-hosted payloads, and OXLOADER to deploy ...
GitHub

codeobfuscation/Zamunda.RIP-Self-Hosted

Offline desktop client for the Zamunda.RIP archive (Zamunda.NET + ArenaBG + Zelka.org). Cross-platform Electron app, ships with a full SQLite snapshot of the archive baked into the installer — works ...