Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
Dark Reading

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...
SDxCentral

How threat actors are really using AI

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more ...

Fake ad blocker extension crashes the browser for ClickFix attacks

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...
Security Boulevard

Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures ...
SecurityWeek

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...
Analytics Insight

Automation Success Depends on Deployment Engineering, Not Advanced AI—Insights from Amazon's Systems Development Engineer

Systems Development Engineer Ravi Kiran Reddy Bommareddy eliminated vendor dependencies and manual bottlenecks across Amazon's fulfillment network, proving scal ...
The Hacker News

Evelyn Stealer Malware Abuses VS Code Extensions to Steal Developer Credentials and Crypto

Experts reveal Evelyn Stealer malware abusing VS Code extensions to steal developer credentials, browser data, and ...
MUO on MSN

I don’t need Perplexity anymore because my local LLM does it better

Perplexity was great—until my local LLM made it feel unnecessary ...

WhatsApp Web malware spreads banking Trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations. Boto Cor-de-Rosa campaign tracks delivery success.
GitHub

secwexen-arsenal

A curated collection of offensive, defensive, and automation tools developed for cybersecurity research, penetration testing, and threat analysis. This repository serves as a central hub for my custom ...