Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...

GPU mining malware spreads via SEO poisoning, AI chatbots

Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a ...

Microsoft「PowerShell」がmacOSの公証(Notarization)を取得、「Gatekeeper」の ...

macOSではアプリに公証取得を義務付けており、違反すると「Gatekeeper」の機能により「未確認の開発者」という警告が表示される。Appleから公証をうけていない従来の「PowerShell」もこの例外ではなく、利用の際はターミナルで「xatt ...
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect ...

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...
The Hacker News

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft uncovered 150+ AI-assisted cryptojacking domains using fake software downloads to deploy persistent malware.
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
XDA Developers on MSN

I got tired of hunting through Windows for every setting, so I built my own control center

I started this as a side project, but my Windows Command Center suddenly became useful.
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

JavaScript不要、「PWA」をインストールする新しいHTML要素が「Chrome ...

「Google Chrome」と「Microsoft Edge」で、Webアプリ(PWA)を簡単にインストールできるようにする新しいHTML要素がテストされているとのこと。米Googleの開発者向けブログ「Chrome for ...
WeLiveSecurity

Webworm: New burrowing techniques

EchoCreep, which uses Discord for C&C communication, and GraphWorm, which uses Microsoft Graph API for the same purpose. The ...