The Hacker News

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.
InfoQ

So You’ve Decided To Do a Technical Migration

Sophie Koonin discusses the realities of large-scale technical migrations, using Monzo’s shift to TypeScript as a roadmap. She explains how to handle "bends in the road," from documentation and ...

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...
SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.
Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

FBI arrests suspect linked to $46M crypto theft from US Marshals

A U.S. government contractor's son, accused of stealing more than $46 million in cryptocurrency from the U.S. Marshals ...
Hosted on MSN

Gardener reveals clever hack using old cardboard boxes: 'It works'

For anyone who has ever stared down a stubborn patch of grass and wondered how to turn it into a garden, there's a Reddit post for you that might be helpful. A gardener in the r/NativePlantGardening ...