Wave of Citrix NetScaler scans use thousands of residential proxies

A coordinated reconnaissance campaign targeting Citrix NetScaler infrastructure over the past week used tens of thousands of ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Hackers Exploit Metro4Shell RCE Flaw in React Native CLI npm Package

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Pinterest fires two engineers who created tool to track layoffs internally. CEO defends decision

After the article was published, several Pinterest employees contacted CNBC and challenged the company’s account of events.

WordPress Announces AI Agent Skill For Speeding Up Development

WordPress announced a new AI agent skill that enables AI to test their work as they go to speed up development.
CSO Online

Zero trust in practice: A deep technical dive into going fully passwordless in hybrid enterprise environments

Going passwordless isn’t a switch flip — it’s a full identity rethink. This piece walks through what actually breaks, works ...
WeLiveSecurity

DynoWiper update: Technical analysis and attribution

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.

So yeah, I vibe-coded a log colorizer—and I feel good about it

Oh, sure, I can “code.” That is, I can flail my way through a block of (relatively simple) pseudocode and follow the flow. I ...

Pinterest CEO rebukes, fires 'obstructionist' employees who created tool to track layoffs

Pinterest CEO Bill Ready lashed out at staffers who created an internal tool to track layoffs at the company, and fired those involved.
The Hacker News

China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware

Cisco Talos links China-based UAT-8099 to IIS server attacks using BadIIS malware for regional SEO fraud, targeting Thailand ...

Tenable Finds Critical Flaws in Google Looker Used by 60,000 Companies

Tenable discovered two critical vulnerabilities in Google Looker affecting 60,000 companies. Flaws enable remote takeover and ...

Konni hackers target blockchain engineers with AI-built malware

The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector.