The Hacker News

Threat Actors Exploit Critical FortiClient EMS Flaw to Deploy Credential Stealer

FortiClient EMS flaw CVE-2026-35616 enabled malware delivery via fake updates, risking credential theft across endpoints.
Dark Reading

China Uses Dual-Method Cyberattack on Czech Orgs

China is stealing data from high-value targets via a sneaky, double-layer spear-phishing campaign that includes the Azureveil ...

「Coreutils for Windows」が一般提供 ~Linuxなどの定番コマンドをWindowsで ...

米Microsoftは6月2日(現地時間)、開発者向けカンファレンス「Build 2026」で、「Coreutils for ...
Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...

Microsoft「PowerShell」がmacOSの公証(Notarization)を取得、「Gatekeeper」の ...

macOSではアプリに公証取得を義務付けており、違反すると「Gatekeeper」の機能により「未確認の開発者」という警告が表示される。Appleから公証をうけていない従来の「PowerShell」もこの例外ではなく、利用の際はターミナルで「xatt ...
The Hacker News

China-Aligned Groups Ramp Up Attacks: Dragon Weave Hits Czech Republic & Taiwan

A new cyber espionage campaign codenamed Operation Dragon Weave has been observed targeting officials and citizens in the Czech Republic and Taiwan to deliver an AdaptixC2 agent. According to Seqrite ...
Microsoft

The Gentlemen ransomware: Dissecting a self-propagating Go encryptor

Microsoft Threat Intelligence presents a comprehensive analysis of The Gentlemen, a Go-based ransomware deployed by ...

GPU mining malware spreads via SEO poisoning, AI chatbots

Threat actors are targeting systems with high-performance computers in an ongoing cryptojacking campaign spread through a ...
Microsoft

From poisoned search results to GPU mining: A cryptojacking campaign abusing ScreenConnect ...

Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...