Dark Reading

North Korea Uses ClickFix to Target macOS Users' Data

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Live updates: 10-day ceasefire agreed on by Israel and Lebanon has gone into effect

A 10-day ceasefire announced by U.S. President Donald Trump and agreed on by Lebanon and Israel started at midnight local ...
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Virtualization Review

AI on a Raspberry Pi: Part 3 - Testing Different LLMs

Benchmarking four compact LLMs on a Raspberry Pi 500+ shows that smaller models such as TinyLlama are far more practical for local edge workloads, while reasoning-focused models trade latency for ...
Microsoft

Dissecting Sapphire Sleet’s macOS intrusion from lure to compromise

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

Microsoft reveals job interview scam being used to hack macOS users

A fake job interview, a harmless-looking update, and a hidden trap reveal how hackers quietly infiltrated macOS systems.
DataBreachToday

Freight Hacker Wields Code-Signing Service to Evade Defenses

Cargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote ...
The Hacker News

UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted ...