SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...

Forcepoint details TeamPCP supply chain attack that turned LiteLLM into a credential stealer

A new report out today from cybersecurity company Forcepoint LLC’s X-Labs research team details a supply chain attack that ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

MegaConvert.io Launches Free File Converter With 500+ Formats in 47 Languages

Free platform converts documents, images, video, audio, and ebooks from any browser — no signup required. Developer API included. We built MegaConvert to be the simplest file converter on the web — no ...
InfoWorld

AntV data visualization tool the latest to be hit by ongoing npm supply chain attacks

The world’s largest open-source registry, node package manager (npm), has been hit by another fast-moving malware attack, ...

Lettuce introduce you to the live frog found in this grocery store salad bag

When Australian farmer Rhys Smoker announced he’d found a live frog in a bag of lettuce, his housemates didn’t believe him.
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

Understand Tech Launches the AI Application Factory: Apps, Builder, and the Appliance They Run On

On-premise AI ecosystem: apps for technical and regulated industries, a no-code app builder for the rest, and a secured ...
Virtualization Review

Google I/O '26 Fills Out Enterprise Agent Stack with Managed Agents, ADK 2.0

Google followed its Cloud Next '26 Gemini Enterprise Agent Platform rollout and its Antigravity CLI transition with a broader I/O 2026 agent-development stack spanning Agent Studio, Managed Agents API ...
CSO Online

ClickFix finds a backup plan in PySoxy proxy chains

ReliaQuest observed attackers pairing ClickFix with the PySoxy proxy tool to establish redundant encrypted access paths and ...