What does the word ‘obfuscate’ mean? If you’re feeling puzzled, here’s what to know

The word “obfuscate” means to make something unclear, confusing or difficult to understand. It is a verb and can either be done deliberately or unintentionally. The word is essentially the opposite of ...
Infosecurity Magazine

AI-Generated Code Used in Phishing Campaign Blocked by Microsoft

Microsoft Threat Intelligence stopped an AI-driven credential phishing campaign using SVG files disguised as PDFs ...
Infosecurity-magazine.com

Malicious PyPI Package Exposes Crypto Wallets to Infostealer Code

A malicious Python Package Index (PyPI) package, dubbed “aiocpa” and engineered to steal cryptocurrency wallet data, has been uncovered by security researchers. The package posed as a legitimate ...

Watch out - hackers are using AI to make phishing emails even more convincing

We’ve all heard of Gen AI being used to craft bodies of convincing phishing emails, however Microsoft researchers have now ...
The Hacker News

Microsoft Flags AI-Driven Phishing: LLM-Crafted SVG Files Outsmart Email Security

"Appearing to be aided by a large language model (LLM), the activity obfuscated its behavior within an SVG file, leveraging ...
Bleeping Computer

Linux wiper malware hidden in malicious Go modules on GitHub

A supply-chain attack targets Linux servers with disk-wiping malware hidden in Golang modules published on GitHub. The campaign was detected last month and relied on three malicious Go modules that ...
CSOonline

Russian Shuckworm APT is back with updated GammaSteel malware

The attack targeted the military mission of a Western country in Ukraine, with the goal of deploying a PowerShell-based version of the GammaSteel infostealer. A cyberespionage group of Russian origin ...
Bleeping Computer

NPM package caught using QR Code to fetch cookie-stealing malware

Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...
Hackaday

This Week In Security: Malicious Themes, Crypto Heists, And Wallbleed

It’s usually not a good sign when your downloaded theme contains obfuscated code. Yes, we’re talking about the very popular Material Theme for VSCode. This one has a bit of a convoluted history. One ...

Microsoft blocks phishing scam which used AI-generated code to trick users

Microsoft says attackers used AI-generated code in a phishing campaign, disguising an SVG file as a PDF document to trick ...
Ars Technica

Backdoor found in widely used Linux utility targets encrypted SSH connections

Researchers have found a malicious backdoor in a compression tool that made its way into widely used Linux distributions, including those from Red Hat and Debian. Because the backdoor was discovered ...
Ars Technica

Researcher uncovers dozens of sketchy Chrome extensions with 4 million installs

Google is hosting dozens of extensions in its Chrome Web Store that perform suspicious actions on the more than 4 million devices that have installed them and that their developers have taken pains to ...