Decrypt

Hackers Insert Malware Into Mistral AI Software Download

Microsoft Threat Intelligence said attackers placed malicious code inside a Mistral AI download distributed through a Python ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold out7 Days: JDownloader got hacked, Chrome downloading 4GB file, and Steam Controller sold ...

Our '7 Days' weekly tech roundup brings the juiciest announcements. Read about Edge browser handling passwords in plaintext, JDownloader getting hacked, and the TAB key.
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
InfoWorld

Malicious Hugging Face model masquerading as OpenAI release hits 244K downloads

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate ...
SecurityWeek

Legacy Windows Tool MSHTA Fuels Surge in Silent Malware Attacks

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
How-To Geek on MSN

I asked three AI models to fix the same broken code. One outperformed the rest

May the best coding AI win!
SecurityWeek

Free OnlyFans Lure Used to Spread Cross-Platform CRPx0 Malware

CRPx0 is a complex, stealthy malware campaign that targets macOS and Windows systems, and appears to have Linux capabilities ...

JDownloader distributed malware downloads

In early May, the JDownloader website delivered malware. This is reminiscent of Daemon Tools, which have since reacted.

Popular Wii U emulator CEMU has been offering compromised downloads for days

The CEMU development team has made an urgent security announcement, revealing that compromised files had been spread via its ...