Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
XDA Developers on MSN

This open-source Python library from Google is perfect for extracting text from anything

Smarter document extraction starts here.
The Hacker News

Microsoft Warns OAuth Redirect Abuse Delivers Malware to Government Targets

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...
Cybernews

Popular AI coding tool Blackbox AI, with 5M downloads, grants root access to hackers

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.
eWeek

Meta AI Wants to Be Your Personal Shopper

Meta is rolling out a dedicated shopping research mode inside its Meta AI web chatbot for a slice of US desktop users. Search ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...
RMD Open

Distinct pattern of comorbidities hinders treatment target attainment in SLE through persistent disease activity and delayed glucocorticoid tapering: longitudinal data fro…

Background Remission and low-disease activity are recommended targets in systemic lupus erythematosus (SLE), yet many ...