The Hacker News

WIRTE Leverages AshenLoader Sideloading to Install the AshTag Espionage Backdoor

WIRTE expands AshTag espionage operations, using phishing & DLL sideloading to target Middle East govts with persistent ...
Dark Reading

Storm-0249 Abuses EDR Processes in Stealthy Attacks

The initial access broker has been weaponizing endpoint detection and response (EDR) platforms and Windows utilities in ...

Ransomware IAB abuses EDR for stealthy malware execution

An initial access broker tracked as Storm-0249 is abusing endpoint detection and response solutions and trusted Microsoft ...
The Hacker News

Researchers Find Malicious VS Code, Go, npm, and Rust Packages Stealing Developer Data

Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing ...

Microsoft Issues Unannounced Patch for Zero-Day LNK Vulnerability Used in Real-World Attacks

Microsoft quietly patched CVE-2025-9491, a Windows LNK flaw abused by state actors since 2017 for malware attacks ...

Adobe Acrobat Reader no longer starts for many users

Many Windows users are currently unable to use Adobe Acrobat Reader. A downgrade to the previous version resolves the error.