The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe injection.
PCQuest

Copy-Paste This Command and You’re Hacked: New Windows Terminal Attack Spreads Lumma Stealer

Hackers are abusing Windows Terminal in a new ClickFix attack that installs Lumma Stealer and steals browser passwords while ...
Cybernews

Microsoft warning: attackers are abusing Google logins to spread malware

Microsoft has warned that attackers are abusing OAuth redirects to deliver phishing and malware via Entra ID and Google Workspace logins.

Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses - says 'these campaigns demonstrate that this abuse is operational, not th…

In recently spotted attacks, the crooks would send phishing emails to government and public sector organizations, usually ...

Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery

The phishing expedition targets government and public-sector organizations, according to a Monday report from Redmond's ...
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Security Boulevard

Facebook ads spread fake Windows 11 downloads that steal passwords and crypto wallets

Attackers are running paid Facebook ads that look like official Microsoft promotions, then directing users to near-perfect clones of the Windows 11 download page. Click Download Now and instead of a ...
PBS

Trump family business files for trademark rights on any airports using the president's name

NEW YORK (AP) — The Trump family company has filed to trademark the use of the president's name on airports but says it doesn't plan on charging a fee — at least for a proposed renaming of one near ...
BBC

Brief sent by Andrew to Epstein included gold investments, file seen by BBC suggests

A document apparently sent by Andrew Mountbatten-Windsor to Jeffrey Epstein included information on investment opportunities in gold and uranium in Afghanistan. The BBC has seen a briefing, prepared ...
The Guardian

Epstein files shed more light on Steve Bannon’s efforts to influence European politics

Donald Trump’s former adviser told Epstein in 2019 that he was ‘focused on raising money for Le Pen and Salvini’ before European elections Dozens of messages contained in the latest tranche of Epstein ...