Contagious Interview: Malware delivered through fake developer job interviews
The Contagious Interview campaign weaponizes job recruitment to target developers.
-
-
Malicious AI Assistant Extensions Harvest LLM Chat Histories
Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. -
Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale
Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with Europol and industry partners to facilitate a disruption of Tycoon2FA’s infrastructure and operations. -
Signed malware impersonating workplace apps deploys RMM backdoors
Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise environments. -
OAuth redirection abuse enables phishing and malware delivery
OAuth redirection is being repurposed as a phishing delivery path. -
Developer-targeting campaign using malicious Next.js repositories
A developer-targeting campaign leveraged malicious Next. -
Running OpenClaw safely: identity, isolation, and runtime risk
Self-hosted agents execute code with durable credentials and process untrusted input. -
Detecting and mitigating common agent misconfigurations
Agents are increasingly powerful. With that power comes risk: small misconfigurations, over‑broad sharing, unauthenticated access, and weak orchestration controls can create real exposure. -
Manipulating AI memory for profit: The rise of AI Recommendation Poisoning
That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. -
Analysis of active exploitation of SolarWinds Web Help Desk
We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now. -
New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan
CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger. -
Infostealers without borders: macOS, Python stealers, and platform abuse
How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.
