Dark Reading

ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines ...

Notepad++ boosts update security with ‘double-lock’ mechanism

Notepad++ has adopted a "double-lock" design for its update mechanism to address recently exploited security gaps that ...
The Hacker News

Critical Flaws Found in Four VS Code Extensions with Over 125 Million Installs

Critical vulnerabilities in four widely used VS Code extensions could enable file theft and remote code execution across 125M ...

Fake CAPTCHA pages are tricking users into installing malware

The hackers use fake CAPTCHA pages—which are designed to mimic standard security checks—to trick users into installing malicious software (“Stealthy StealC Information Stealer”) via keyboard commands.

Flaws in popular VSCode extensions expose developers to attacks

Vulnerabilities with high to critical severity ratings affecting popular Visual Studio Code (VSCode) extensions collectively downloaded more than 128 million times could be exploited to steal local ...

Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is improving PowerShell and Windows OpenSSH in 2026Here is how Microsoft is ...

Microsoft is gearing up for big PowerShell and Windows OpenSSH changes in 2026, but security will come before flashy new features.
BankInfoSecurity

Fresh Cyberespionage Operation Tied to Iranian Surveillance

A new malware campaign is using a positive-sounding report into the recent protests in Iran, accompanied by real photos and videos, as lures in an apparent ...