Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

AI-powered bot hackerbot-claw exploited GitHub Actions workflows across Microsoft, DataDog, and CNCF projects over 7 days using 5 attack techniques. Bot achieved RCE in 5 of 7 targets, stole GitHub ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
SecurityWeek

Over 100 GitHub Repositories Distributing BoryptGrab Stealer

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...
GitHub

A desktop app for viewing large JSON files.

Janice is a desktop app for viewing large JSON files. It's key features are: To run Janice just download and unzip the latest release to your computer. Janice ships as a single executable file that ...
NerdWallet

Free File Tax Program Remains Woefully Underused

Only 2% of federal income tax returns were filed through Free File, despite 70% of filers qualifying. Many, or all, of the products featured on this page are from our advertising partners who ...
GitHub

ESLint JSON Language Plugin

This package contains a plugin that allows you to natively lint JSON, JSONC, and JSON5 files using ESLint. Important: This plugin requires ESLint v9.15.0 or higher and you must be using the new ...