PC Gamer

The Notepad++ website was hijacked by 'malicious actors' last year and security researchers are picking through the wreckage

For the quickest way to join, simply enter your email below and get access. We will send a confirmation and sign you up to our newsletter to keep you updated on all your gaming news.
theregister

Notepad++ hijacking blamed on Chinese Lotus Blossom crew behind Chrysalis backdoor

Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called Lotus Blossom (aka Lotus Panda, Billbug), which abused weaknesses in the update ...
CSOonline

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...
LinkedIn

From Userland to Kernel: A Deep Dive into Linux Process Injection with ptrace()

In the world of cybersecurity, understanding the deepest layers of the operating system isn't just academic—it's essential. For those of us defending, analyzing, or testing Linux environments, the ...
Bitdefender

Curly COMrades: A New Threat Actor Targeting Geopolitical Hotbeds

This research from Bitdefender Labs details a cluster of malicious activity we've been tracking since mid-2024. It uncovers a new threat actor group we’ve named Curly COMrades, operating to support ...
The Hacker News

CastleLoader Malware Infects 469 Devices Using Fake GitHub Repos and ClickFix Phishing

Cybersecurity researchers have shed light on a new versatile malware loader called CastleLoader that has been put to use in campaigns distributing various information stealers and remote access ...
The Hacker News

Chinese Group Silver Fox Uses Fake Websites to Deliver Sainbox RAT and Hidden Rootkit

A new campaign has been observed leveraging fake websites advertising popular software such as WPS Office, Sogou, and DeepSeek to deliver Sainbox RAT and the open-source Hidden rootkit. The activity ...
Hackaday

bad apple

If hacking on consumer hardware is about figuring out what it can do, and pushing it in directions that the manufacturer never dared to dream, then this is a very fine hack indeed. [Portasynthica3] ...
WeLiveSecurity

RomCom exploits Firefox and Windows zero days in the wild

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...
IEEE

Buffer Overflow Exploit and Defensive Techniques

Abstract: Buffer overflow attack is most common and dangerous attack method at present. So the analysis is useful in studying the principle of buffer overflow and buffer overflow exploits. In the ...
Bleeping Computer

FIN7 targets American automaker’s IT staff in phishing attacks

The financially motivated threat actor FIN7 targeted a large U.S. car maker with spear-phishing emails for employees in the IT department to infect systems with the Anunak backdoor. According to ...