Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...

Leonardo DiCaprio movie torrent hides complex PowerShell scripts

Fake movie torrents deliver multi-stage malware without the user noticing execution stepsAgentTesla steals browser, email, ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Illegal Downloads of ‘One Battle After Another’ Contain Dangerous Malware

Bitdefender reports that some torrents of One Battle After Another currently available online contain PowerShell scripts and ...

5 Raspberry Pi Projects That Can Replace Your Expensive Subscriptions

Subscription services are everywhere these days, and they only seem to get more expensive. Luckily, with a Raspberry Pi, you ...
The Hacker News

React2Shell Vulnerability Actively Exploited to Deploy Linux Backdoors

React2Shell vulnerability CVE-2025-55182 is actively exploited to deploy Linux malware, run commands, and steal cloud ...
The Hacker News

New ForumTroll Phishing Attacks Target Russian Scholars Using Fake eLibrary Emails

Kaspersky reports ForumTroll phishing attacks targeting Russian academics, using fake eLibrary emails, personalized files & Windows malware delivery.
Gulf Business on MSN

Kaspersky warns of ChatGPT-themed macOS malware campaign

According to Kaspersky, attackers are purchasing sponsored search ads linked to queries such as “chatgpt atlas” ...
Infosecurity Magazine

Monitoring Tool Nezha Abused For Stealthy Post-Exploitation Access

In this campaign, Nezha is deployed as a post-exploitation remote access tool rather than malware. Because the software is ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
ZAWYA

Kaspersky uncovers macOS infostealer campaign abusing ChatGPT’s chat-sharing feature

Kaspersky Threat Research has identified a new malware campaign that uses paid Google search ads and shared conversations on the official ChatGPT website to trick Mac users into running a command that ...