Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
MUO on MSN

I found PowerShell's pipeline does what batch files can't and I stopped using CMD

A single pipeline replaced fourteen lines and I never looked back.
makeuseof

There's a version of PowerShell that's even more powerful — and it's already on your Windows PC

Aggy is a writer and editor who has worked for many high-traffic digital publications. He's a technology and gaming fanboy who has been a writer, editor, consultant, and computer animator. Managing ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...
makeuseof

I thought PowerShell was just a better CMD and I was wrong

Rob LeFebvre is an editor and writer focusing on consumer and enterprise technologies for a broad range of outlets. He’s been writing online for more than 15 years; before that he was a special ...
Bitdefender

Technical Advisory: React2Shell Critical Unauthenticated RCE in React (CVE-2025-55182)

TL;DR Ransomware groups are expected to rapidly weaponize this critical (CVSS 10.0) React vulnerability to establish initial access. This vulnerability leads to remote code execution for ...
GitHub

A script to parse the output of the 'netsh wlan show interfaces' cmd & turn it into a more interesting format

Inspired by Matt Frederick's blog post: https://finesine.com/2016/09/17/using-netsh-wlan-show-interfaces-to-monitor-associationroaming/ Note: to run Powershell ...
Bleeping Computer

Piecing Together the Puzzle: A Qilin Ransomware Investigation

Written by Lindsey O’Donnell-Welch, Ben Folland, Harlan Carvey of Huntress Labs. A big part of a security analyst’s everyday role is figuring out what actually happened during an incident. We can do ...
The Hacker News

Linux Malware Delivered via Malicious RAR Filenames Evades Antivirus Detection

Cybersecurity researchers have shed light on a novel attack chain that employs phishing emails to deliver an open-source backdoor called VShell. The "Linux-specific malware infection chain that starts ...
Bitdefender

RedCurl's Ransomware Debut: A Technical Deep Dive

This research, conducted by Bitdefender Labs, presents the first documented analysis of a ransomware campaign attributed to the RedCurl group (also known as Earth Kapre or Red Wolf). RedCurl has ...
WeLiveSecurity

PlushDaemon compromises supply chain of Korean VPN service

ESET researchers provide details on a previously undisclosed China-aligned APT group that we track as PlushDaemon and one of its cyberespionage operations: the supply-chain compromise in 2023 of VPN ...