Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...
The Hacker News

ThreatsDay Bulletin: Claude Security Plugin, Azure Priv-Esc, Kali365 MFA Bypass, FIFA Scams +15 More

Massive regional C2 footprint More than 1.3K C2 Servers Discovered in the Middle East Hunt.io said it identified more than ...
WLRN

New documentary film takes audiences up close into the world of Burmese python hunting

The new film 'The Python Hunt' follows the Florida Python Challenge, a 10-day competition in the Florida Everglades that aims ...
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.
Microsoft

Malicious npm packages abuse dependency confusion to profile developer environments

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...
Bleeping Computer

Hackers exploit FortiClient EMS flaw to push infostealer malware

Hackers are exploiting an authentication bypass vulnerability (CVE-2026-35616) in FortiClient Enterprise Management Server (EMS) to deliver an undocumented credential stealer called EKZ. The attacker ...

Windows BitLocker exploit sparks messy feud between Microsoft and the researcher who exposed it

The issue centers on a zero-day exploit called "YellowKey," published earlier this month by a security researcher known as Chaotic Eclipse, also known online as Nightmare-Eclipse.