Russian Hackers Weaponize Microsoft Office Bug in Just 3 Days
APT28's attacks rely on specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.
GlassWorm Malware Returns to Shatter Developer Ecosystems
The self-replicating malware has poisoned a fresh set of Open VSX software components, leaving potential downstream victims with infostealer infections.
AI May Supplant Pen Testers, But Oversight & Trust Are Not There Yet
Crowdsourced bug bounties and pen-testing firms see AI agents stealing the low-hanging vulnerabilities from their human counterparts. Oversight remains key.
Dark Patterns Undermine Security, One Click at a Time
People trust organizations to do the right thing, but some websites and apps have user interfaces that ultimately lead to inadequate security for users.
Attackers Harvest Dropbox Logins Via Fake PDF Lures
A malware-free phishing campaign targets corporate inboxes and asks employees to view "request orders," ultimately leading to Dropbox credential theft.
