The Hacker News

Junior Hacker Used Tailscale and OpenSSH to Keep Access After His C2 Went Offline

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.
GitHub

DotNetZip - Zip and Unzip in C#, VB, any .NET language

DotNetZip is a FAST, FREE class library and toolset for manipulating zip files. Use VB, C# or any .NET language to easily create, extract, or update zip files. DotNetZip is the best open-source ZIP ...
thearabianpost

Dragon Whistle targets China campuses

A targeted cyber-espionage campaign has struck China’s higher education sector, using deceptive PDF-style shortcut files to install Cobalt Strike beacons on victim machines and open a path for remote ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based ...
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
Techno-Science.net

Files is the Best File Explorer Alternative for Your Windows PC

Files is a powerful, modern alternative to Windows File Explorer, built on WinUI 3 with a clean UI, dual-pane support, tabs, tags, and advanced tools like previews, Git, and FTP. It fixes many ...
talkandroid.com

Warning: This WhatsApp file can secretly give hackers full control of your PC—here’s how the attack works

Editorial Note: Talk Android may contain affiliate links on some articles. If you make a purchase through these links, we will earn a commission at no extra cost to you. Learn more. Think twice before ...
theregister

Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal

A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting malware into it themselves – handing the credential-stealing Lumma infostealer ...
Dark Reading

Shadow#Reactor Uses Text Files to Deliver Remcos RAT

A campaign known as Shadow#Reactor uses text-only files to deliver a Remcos remote access Trojan (RAT) to compromise victims, as opposed to a typical binary. Researchers with security vendor Securonix ...
GitHub

decalage2/ViperMonkey: A VBA parser and emulation engine to analyze malicious macros.

ViperMonkey is a VBA Emulation engine written in Python, designed to analyze and deobfuscate malicious VBA Macros contained in Microsoft Office files (Word, Excel, PowerPoint, Publisher, etc). See the ...