Stealthy Malware Campaign Uses Fake Windows Update Site To Infect PCs

Security researchers at Malwarebytes have uncovered a new malware campaign targeting Windows users with a fraudulent clone of Microsoft's site.

Adobe rolls out emergency fix for Acrobat, Reader zero-day flaw

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
MUO on MSN

Budgie Desktop does one thing that GNOME refuses to: get out of your way

GNOME had to budge.

Fake Linux leader using Slack to con devs into giving up their secrets

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...
SecurityWeek

OpenAI Impacted by North Korea-Linked Axios Supply Chain Hack

OpenAI is one of many organizations affected by the recent Axios supply chain attack attributed to North Korean hackers.
The Hacker News

GlassWorm Campaign Uses Zig Dropper to Infect Multiple Developer IDEs

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...
The Malaysian Reserve

Keeper Security Expands Privileged Access Management Browser Isolation to Support Advanced Web Browsing Workflows

New capabilities remove usability barriers by enabling multi-tab browsing, secure file upload/download and KeeperAI threat detection within privileged ...

How North Korean hackers used fake Teams updates to compromise the Axios library

It's unclear how widespread the damage is from the recent axios hack involving North Korean malware, Microsoft Teams, Slack, ...
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.