A large-scale campaign is targeting developers on GitHub with fake Visual Studio Code (VS Code) security alerts posted in the Discussions section of various projects, to trick users into downloading m
Ryan Cooglers Reboot von Akte X nimmt immer mehr Gestalt an. Die Pilotfolge hat schon mal grünes Licht und jetzt wissen wir offiziell, welches Duo für das FBI ermittelt.
Das Konzept des Zenbook Duo als Laptop mit zwei Displays und Anstecktastatur ist interessant – aber für Linux ein Worst-Case-Szenario. Ein Test von Oliver Nickel und Johannes Hiltscher (Asus, Prozess
Iran-aligned groups are trying to make their mark in the Gulf, but the results have fallen short of remarkable.
The excitement around Cisco’s latest SD-WAN bugs has inspired some light fraud, misunderstandings, and overlooked potential hazards.
Fake Fedex Email Delivers Donuts! https://isc.sans.edu/diary/Fake%20Fedex%20Email%20Delivers%20Donuts!/32754 Abusing .ARPA: The TLD that isn t supposed to host anything https://www.infoblox.com/blog/threat-intelligence/abusing-arpa-the-tld-that-isnt-supposed-to-host-anything/ MC1179154 – Microsoft Authenticator app: Upcoming changes to jailbreak and root detection https://mc.merill.net/message/MC1179154 SECURITY BULLETIN: Apex One and Apex One (Mac) – February 2026 https://success.trendmicro.com/en-US/solution/KA-0022458 Special Webcast: AirSnitch How Worried Should You Be? https://www.sans.org/webcasts/airsnitch-how-worried-should-you-be
Fake Incident Report Used in Phishing Campaign https://isc.sans.edu/diary/Fake%20Incident%20Report%20Used%20in%20Phishing%20Campaign/32722 Divide and conquer: how the new Keenadu backdoor exposed links between major Android botnets https://securelist.com/keenadu-android-backdoor/118913/ CVE-2026-25903: Apache NiFi: Missing Authorization of Restricted Permissions for Component Updates https://seclists.org/oss-sec/2026/q1/166 The Next Frontier of Runtime Assembly Attacks: Leveraging LLMs to Generate Phishing JavaScript in Real Time https://unit42.paloaltonetworks.com/real-time-malicious-javascript-through-llms/ Encrypted RCS in […]
Fake adult websites pop realistic Windows Update screen to deliver stealers via ClickFix The latest variant of ClickFix tricks users into copy/pasting commands by displaying a fake blue screen of death. https://www.acronis.com/en/tru/posts/fake-adult-websites-pop-realistic-windows-update-screen-to-deliver-stealers-via-clickfix/ B2B Guest Access Creates an Unprotected Attack Vector Users may be tricked into joining an external Teams workspace as a guest, bypassing protections […]
Be Careful With Fake Zoom Client Downloads Miscreants are tricking victims into downloading fake Zoom clients (and likely other meeting software) by first sending them fake meeting invites that direct victims to a page that offers malware for download as an update to the Zoom client. https://isc.sans.edu/diary/Be%20Careful%20With%20Fake%20Zoom%20Client%20Downloads/32014 Python tarfile Vulnerability Recently, the Python tarfile module […]