Moneylife

Fraud Alert: Boss Scam 2.0 & Risky Attachments on WhatsApp

Fiercely independent and pro-consumer information on personal finance. Complete access to Moneylife archives since inception ...
The Hacker News

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...

DOJ ordered to unredact more Epstein files including vile email referencing a ‘torture video’

A US district judge gave the DOJ until July 2 to turn over less-redacted versions of certain documents or show why that ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
SecurityWeek

Attackers Exploit Gravity SMTP Plugin Flaw to Harvest Valuable WordPress Data

Hackers are exploiting a vulnerability in the Gravity SMTP WordPress plugin to extract configuration data, including API keys ...

Prompts Are The New Malware As Enterprise AI Defenses Fall Behind

CrowdStrike data and OpenAI's admission confirm prompt injection as a dominant enterprise AI attack vector. 65% of ...
The Hacker News

Malicious npm Packages Pose as PostCSS Tools to Deliver Windows RAT

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Anti-vaxxers are coupling up on apps for ‘Unjected’ singles

Dating apps are pairing unvaccinated people across the country — and in some cases hosting controversial in-person events.

FFmpeg fixes PixelSmash flaw in widely used video decoder

A newly disclosed FFmpeg flaw dubbed 'PixelSmash' could be exploited for remote code execution on Jellyfin servers under ...