Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
The Hacker News

ClickFix Campaigns Expand Malware Delivery With New Loaders and Fake Update Lures

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
The Hacker News

âš¡ Weekly Recap: Browser Bugs, EDR Killers, TV Botnet, OpenBSD Flaw, Android Trojan, and More

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...
CNET on MSN

If You’re a PC Gamer, It’s Time to Upgrade to Magnetic Keyboard Switches

If You’re a PC Gamer, It’s Time to Upgrade to Magnetic Keyboard Switches ...

Windows and Linux users: The deadline to update Secure Boot keys is near

The clock is ticking for Windows and Linux users to update cryptographic keys that protect their systems against ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...