Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on ...

Microsoft: Teams increasingly abused in helpdesk impersonation attacks

Microsoft is warning of threat actors increasingly abusing external Microsoft Teams collaboration and relying on legitimate ...
Infosecurity Magazine

Formbook Malware Campaign Uses Multiple Obfuscation Techniques to Avoid Detection

Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim ...
CIO

Living off the Land attacks pose a pernicious threat for enterprises

Attackers aren't breaking into your house; they’re using your own spare key to hide in plain sight. We need to stop assuming ...
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

Check and Update Windows Secure Boot Certificates expiring in 2026

Secure Boot Certificates are set to expire soon. This guide shows how to check and update them and covers a roadmap for ...
Dark Reading

Microsoft's Original Windows Secure Boot Certificate Is Expiring

The Secure Boot refresh is one of the largest coordinated security maintenance efforts across the Windows ecosystem, ...
Security Boulevard

Emulating the Persuasive NightSpire Ransomware

AttackIQ has released a new attack graph that emulates the behaviors of NightSpire Ransomware, a financially motivated ...
SecurityWeek

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

A single unregistered domain available for as little as $10 could have granted hackers control over 25,000 compromised ...
Crypto Briefing

Anj Midha: Culture drives algorithmic innovation, AI models struggle with scientific analysis, and the importance of context feedback loops | 20VC

Anj Midha is a General Partner at Andreessen Horowitz where he leads frontier AI investments and founded AMP, an AI ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...