The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Something else to worry about.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

New malware spreads via fake GitHub downloads, stealing browser passwords, crypto wallets, Discord tokens, and credit card details from Windows users.

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.

Computational Modeling of Failure at the Fabric Weave Level in Reentry Parachute Energy ModulatorsEnergy modulators (EM) are textile ...

OpenAI has launched the Codex app for Windows, a desktop tool that lets developers run multiple AI coding agents, automate tasks and manage software projects directly from their PC ...

Nil points for the AI.

根据微软周一发布的报告，这些钓鱼攻击主要针对政府和公共部门组织。尽管微软Entra已禁用了恶意的OAuth应用程序，但微软信息安全团队警告称"相关的OAuth活动仍在持续，需要持续监控"。 OAuth是一种常用的在线授权标准，允许使用第三方凭据进行身份验证。当网站提供使用Google、Facebook或Apple账户登录的选项时，通常就是在使用OAuth标准。