XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
Bleeping Computer

Malicious VSCode extensions on Microsoft's registry drop infostealers

Two malicious extensions on Microsoft's Visual Studio Code Marketplace infect developers' machines with information-stealing malware that can take screenshots, steal credentials, crypto wallets, and ...
SiliconANGLE

Now-patched Telegram for Android vulnerability exposed users to malicious videos

Researchers at ESET s.r.o. today shared details of a now-patched vulnerability that was being used to target Telegram for Android users via malicious videos. The exploit, dubbed “EvilVideo,” could ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...
CSOonline

Hacker group hides malware in images to target Ukrainian organizations

The UAC-0184 group targets Ukrainian military personnel, including those outside the country, and uses steganography to infect their devices with a remote access trojan. A group of attackers targeting ...
Bleeping Computer

Malicious Visual Studio projects on GitHub push Keyzetsu malware

Threat actors are abusing GitHub automation features and malicious Visual Studio projects to push a new variant of the "Keyzetsu" clipboard-hijacking malware and steal cryptocurrency payments. The ...