Stealthy Malware Campaign Uses Fake Windows Update Site To Infect PCs

Security researchers at Malwarebytes have uncovered a new malware campaign targeting Windows users with a fraudulent clone of Microsoft's site.

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Fake Linux leader using Slack to con devs into giving up their secrets

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
The Malaysian Reserve

Keeper Security Expands Privileged Access Management Browser Isolation to Support Advanced Web Browsing Workflows

New capabilities remove usability barriers by enabling multi-tab browsing, secure file upload/download and KeeperAI threat detection within privileged ...
The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...
Axios on MSN

OpenAI flags software supply chain scare

OpenAI said Friday that it found evidence that one of its internal tools downloaded a compromised update from a recently ...
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.