.NET Devs Targeted With Malicious NuGet Packages
In a possible first for the NuGet repository, more than a dozen components in the .NET code repository run a…
Security researchers targeted with new malware via job offers on LinkedIn
A suspected North Korean hacking group is targeting security researchers and media organizations in the U.S. and Europe with fake job…
GitHub Copilot update stops AI model from revealing secrets
GitHub has updated the AI model of Copilot, a programming assistant that generates real-time source code and function recommendations in…
Microsoft February 2023 Patch Tuesday fixes 3 exploited zero-days, 77 flaws
Today is Microsoft's February 2023 Patch Tuesday, and security updates fix three actively exploited zero-day vulnerabilities and a total of…
Hackers weaponize Microsoft Visual Studio add-ins to push malware
Security researchers warn that hackers may start using Microsoft Visual Studio Tools for Office (VSTO) more often as method to…
Gootkit malware abuses VLC to infect healthcare orgs with Cobalt Strike
The Gootkit loader malware operators are running a new SEO poisoning campaign that abuses VLC Media Player to infect Australian…
Hackers push fake Pokemon NFT game to take over Windows devices
Threat actors are using a well-crafted Pokemon NFT card game website to distribute the NetSupport remote access tool and take…
VSCode Marketplace can be abused to host malicious extensions
Threat analysts at AquaSec have experimented with the security of VSCode Marketplace and found that it's surprisingly easy to upload…
Google Search results poisoned with torrent sites via Data Studio
Threat actors are abusing Google's Looker Studio (formerly Google Data Studio) to boost search engine rankings for their illicit websites…
Microsoft Quashes Bevy of Actively Exploited Zero-Days for November Patch Tuesday
Long-awaited security fixes for ProxyNotShell and Mark of the Web bypasses are part of a glut of actively exploited zero-day…