KnowledgeDeliver flaw exploited as a zero-day to install web shells

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect and Microsoft .NET utilities

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...
Geeky Gadgets

Inside the Self-Improving AI System Unlocking a Free 1-Million-Token Context Window

The integration of DeepSeek V4 with the Hermes Agent introduces a significant enhancement to open source AI capabilities. By combining a persistent, self-improving framework with advanced reasoning ...
thearabianpost

Dragon Whistle targets China campuses

A targeted cyber-espionage campaign has struck China’s higher education sector, using deceptive PDF-style shortcut files to install Cobalt Strike beacons on victim machines and open a path for remote ...

My new favorite Windows app made my PC safer and more reliable - and it's free

My new favorite Windows app made my PC safer and more reliable - and it's free ...

BTMOB Android malware service generates custom phishing payloads

An Android remote access trojan named BTMOB is offered to cybercriminals with a builder interface for generating malware ...
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

Apple @ Work: Why the ClickFix campaign means it is time to kill the 90 day update deferral

A new macOS social engineering campaign highlights why waiting three months to enforce software updates is a massive security ...