Signed software abused to deploy antivirus-killing scripts

A digitally signed adware tool has deployed payloads running with SYSTEM privileges that disabled antivirus protections on ...
CIO

Living off the Land attacks pose a pernicious threat for enterprises

Attackers aren't breaking into your house; they’re using your own spare key to hide in plain sight. We need to stop assuming ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...
Arabian Post

Fake Adobe Reader lure turns remote tool rogue

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...
The Hacker News

Newly Discovered PowMix Botnet Hits Czech Workers Using Randomized C2 Traffic

PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

New AgingFly malware used in attacks on Ukraine govt, hospitals

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...
Infosecurity Magazine

Signed Adware Operation Disables Antivirus Across 23,000 Hosts

A signed software operation linked to a company called Dragon Boss Solutions LLC has reportedly been silently disabling ...
Windows Latest

Windows 11’s mandatory update auto opens Microsoft Edge on some PCs after restart

Windows 11 April update automatically opens Microsoft Edge after restart to showcase OS features, but the promotion seems to ...
Arabian Post

Formbook phishing turns stealth into scale

Two separate phishing campaigns are hitting organisations with Formbook, a long-running information stealer that continues to adapt its delivery methods to slip past traditional Windows defences. The ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...