The Hacker News

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.
Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...

Microsoft「PowerShell」がmacOSの公証(Notarization)を取得、「Gatekeeper」の ...

macOSではアプリに公証取得を義務付けており、違反すると「Gatekeeper」の機能により「未確認の開発者」という警告が表示される。Appleから公証をうけていない従来の「PowerShell」もこの例外ではなく、利用の際はターミナルで「xatt ...
Arabian Post on MSN

Trusted tools become malware delivery routes

Attackers are increasingly abusing legitimate system utilities and widely used administrative tools to deliver malware, move through networks and avoid detection, forcing security teams to rethink ...

GPU mining malware spreads via SEO poisoning, AI chatbots

Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a ...
Dark Reading

China Uses Dual-Method Cyberattack on Czech Orgs

China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil ...
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect ...

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...
The Hacker News

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite ...
マイナビニュース

WindowsでLinuxコマンドを利用可能に

Coreutils for Windowsは、Linuxで広く利用されているGNU Coreutils相当のコマンド群をWindows向けに提供するプロジェクトだ。 MicrosoftはRustで実装されたuutilsをベースに、findutilsやgrepなどを含めたパッケージとして提供している。これにより、LinuxやmacOSで利用している ...