News

The Hacker News9h
Discord Invite Link Hijacking Delivers AsyncRAT and Skuld Stealer Targeting Crypto Wallets
The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, and Discord allows the threat actors to blend in with normal traffic and fly ...
Dems demand audit of CVE program as Federal funding remains uncertain
Infosec In Brief A pair of Congressional Democrats have demanded a review of the Common Vulnerabilities and Exposures (CVE) ...
Cryptopolitan2d
Discord invite link being used to deliver malware targeting crypto wallets
The new malware exploits a weakness in Discord’s invitation system to deliver an information stealer known as Skuld and the ...
Discord flaw lets hackers reuse expired invites in malware campaign
Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access ...
SecurityWeek3d
TeamFiltration Abused in Entra ID Account Takeover Campaign
Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.
TechJuice5d
Rust‑Based Myth Stealer Malware Spreads via Fake Gaming Sites
A new Rust‑ based info‑stealer called Myth Stealer spreads via fake gaming sites, targeting Chrome and Firefox credentials with loaders.
Major Windows Secure Boot flaw can be used by hackers to install bootkit malware — update your PC right now
Unlike your typical Windows malware, bootkit malware targets your computer’s boot process which allows an attacker to gain ...
Macs under threat from new malware campaign impersonating major ISP — how to stay safe
Even though people often think Macs are safe from malware, that definitely isn’t true. Case in point, a new Atomic Stealer ...
More than a hundred backdoored malware repos traced to single GitHub user
Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting ...
Hacker targets other hackers and gamers with backdoored GitHub code
A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub ...
Misspelled a site's name? Cybercriminals are exploiting this to infect your computer with malware - here's how to stay safe
New malware campaign uses typo-squatting and fake developer packages to spread threats across Windows and Linux.