The Hacker News

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cisco Talos links China-based UAT-8099 to IIS server attacks using BadIIS malware for regional SEO fraud, targeting Thailand ...
WeLiveSecurity

DynoWiper update: Technical analysis and attribution

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.

Hackers use critical React Native Metro bug to breach dev systems

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native to deliver malicious payloads for Windows and Linux.
Make Tech Easier

Use This One Tool to Remove All AI From Windows

Tired of the growing AI bloat in Windows? Forget removing each feature manually. Use this one tool to remove AI from Windows all at once.

Mandiant details how ShinyHunters abuse SSO to steal cloud data

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...
CSO Online

This stealthy Windows RAT holds live conversations with its operators

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...
GameSpot

PSA: People Playground Has Been Hit By A Save-Erasing Virus

The developer behind People Playground sends out a warning to players after a malicious mod messes with the game.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.