The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...
Cybernews

Popular AI coding tool Blackbox AI, with 5M downloads, grants root access to hackers

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...
The Hacker News

North Korean Hackers Publish 26 npm Packages Hiding Pastebin C2 for Cross-Platform RAT

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...
Cybernews

Iran-linked Seedworm hackers found inside US bank, airline, tech networks

Researchers warn Iranian state-backed Seedworm hackers have infiltrated US–Israeli critical networks, raising fears of cyber ...