Notepad++ maintainer says nation-state attackers hijacked the app’s update system by redirecting traffic at the hosting provider level. The Notepad++ maintainer revealed that nation-state hackers compromised the hosting provider’s infrastructure, redirecting update traffic to malicious servers. The attack did not…
Category: EN
SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 82
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter KONNI Adopts AI to Generate PowerShell Backdoors Who Operates the Badbox 2.0 Botnet? Weaponized in China, Deployed in India:…
Aisuru Botnet Drives DDoS Attack Volumes to Historic Highs
Currently, the modern internet is characterized by near-constant contention, in which defensive controls are being continuously tested against increasingly sophisticated adversaries. However, there are some instances where even experienced security teams are forced to rethink long-held assumptions about scale and…
Microsoft sets a path to switch off NTLM across Windows
Windows is shifting to a more secure authentication approach, moving away from New Technology LAN Manager (NTLM) and toward stronger, Kerberos-based options. NTLM has been part of Windows for decades and continues to appear in some environments, particularly where legacy…
Arsink Rat Attacking Android Devices to Exfiltrate Sensitive Data and Enable Remote Access
A dangerous Android malware called Arsink RAT has emerged as a serious threat to mobile device security worldwide. This cloud-native Remote Access Trojan gives attackers complete control over infected devices while quietly stealing personal information. The malware spreads through social…
Hackers Attacking MongoDB Instances to Delete Database and Add Ransom Note
Threat actors are actively targeting internet-exposed MongoDB instances in large-scale automated ransomware campaigns. The attacks follow a consistent pattern: attackers scan for unsecured MongoDB databases accessible on the public internet, delete the stored data, and insert ransom notes demanding payment…
How fake party invitations are being used to install remote access tools
“You’re invited!” It sounds friendly, familiar and quite harmless. But in a scam we recently spotted, that simple phrase is being used to trick victims into installing a full remote access tool on… This article has been indexed from Malwarebytes Read the original article: How fake party invitations are being used to…
Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows
Japan and Britain agree to accelerate cooperation on cybersecurity and the supply of critical minerals, as China’s influence grows in the region. The post Japan, Britain to Boost Cybersecurity and Critical Minerals Cooperation as China’s Influence Grows appeared first on…
Android RAT Uses Hugging Face to Host Malware
Bitdefender has discovered a new Android malware campaign that uses Hugging Face This article has been indexed from www.infosecurity-magazine.com Read the original article: Android RAT Uses Hugging Face to Host Malware
Security Affairs newsletter Round 561 by Pierluigi Paganini – INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. DOJ…
Infrastructure cyberattacks are suddenly in fashion. We can buck the trend
Don’t be scared of the digital dark – learn how to keep the lights on Opinion Barely a month into 2026, electrical power infrastructure on two continents has tested positive for cyberattacks. One fell flat as attempts to infiltrate and…
Voice channels are the next major attack vector that security teams can’t monitor
Deepfake voices, live fraud, zero visibility: why voice channels are the next security blind spot. This article has been indexed from Cybersecurity Dive – Latest News Read the original article: Voice channels are the next major attack vector that security…
Designing for the Long Term: How Education Must Evolve for Augmented Work
As AI becomes embedded into everyday work, enterprises must rethink education not as a one-off intervention, but as a living system designed for uncertainty, judgment, and long-term value creation. This article has been indexed from Silicon UK Read the original…
Designing for the Long Term: Head-to-Head
From AI fluency and lifelong learning to ethics and critical thinking, Josh Meier explains why human skills — not hype — will define real ROI from generative AI. This article has been indexed from Silicon UK Read the original article:…
BreachForums Breach Exposes Names of 324K Cybercriminals, Upends the Threat Intel Game
The BreachForums marketplace has suffered a leak, exposing the identities of nearly 324,000 cybercriminals. This incident highlights a critical shift in cyberattacks, creating opportunities for law enforcement while demonstrating the risks associated with breaches in the cybercriminal ecosystem. The post…
Notepad++ Official Update Mechanism Hijacked to Deliver Malware to Select Users
The maintainer of Notepad++ has revealed that state-sponsored attackers hijacked the utility’s update mechanism to redirect update traffic to malicious servers instead. “The attack involved [an] infrastructure-level compromise that allowed malicious actors to intercept and redirect update traffic destined for…
Windows 11 Introduces New Feature to Block Unauthorized Access to System Files
Microsoft has released KB5074105, a critical preview update for Windows 11 versions 25H2 and 24H2 (OS Builds 26200.7705 and 26100.7705), introducing enhanced security mechanisms to prevent unauthorised access to sensitive system files. This non-security update significantly improves the operating system’s…
ShadowHS: New Stealthy Fileless Linux Malware Spreads Automatically
A sophisticated fileless Linux malware framework, ShadowHS, that represents a significant evolution in post-exploitation tooling. Unlike traditional malware binaries, ShadowHS operates entirely in memory and demonstrates advanced operator-driven capabilities designed specifically for long-term persistence in defended enterprise environments. ShadowHS is…
Notepad++ Users Targeted After State-Backed Attackers Hijack Update Servers
Notepad++ fell victim to a sophisticated supply chain attack orchestrated by state-sponsored threat actors who compromised its update infrastructure over a six-month campaign. Security experts have attributed the attack to a Chinese state-backed group based on the highly selective targeting…
PeckBirdy Hackers Abuse LOLBins Across Environments to Deploy Advanced Malware
A sophisticated JScript-based command-and-control framework, PeckBirdy, since 2023, exploiting living-off-the-land binaries (LOLBins) to deliver modular backdoors across diverse execution environments. The framework has been observed in two coordinated campaigns, SHADOW-VOID-044 and SHADOW-EARTH-045, targeting Chinese gambling industries, Asian government entities, and…