The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

Once-hobbled Lumma Stealer is back with lures that are hard to resist

“LummaStealer is back at scale, despite a major 2025 law-enforcement takedown that disrupted thousands of its command-and-control domains,” researchers from security firm Bitdefender wrote. “The ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
BizTech

How Can Public and Private Key Encryption Protect Private Data?

As part of daily operations, small businesses may need to collect or exchange sensitive data that should be protected. It could be a financial transaction, a mailing address or some other personally ...
Florida Today

ANY.RUN Releases Malware Trends Report for Q4 2025, Highlighting Key Threat Landscape Shifts

DUBAI, DUBAI, UNITED ARAB EMIRATES, January 7, 2026 /EINPresswire.com/ — ANY.RUN, a leading provider of interactive malware analysis and threat intelligence ...
The Verge

Microsoft handed the government encryption keys for customer data

Privacy advocates are worried about the precedent this sets and the potential for abuse. Privacy advocates are worried about the precedent this sets and the potential ...
TechCrunch

Microsoft gave FBI a set of BitLocker encryption keys to unlock suspects’ laptops: Reports

Microsoft provided the FBI with the recovery keys to unlock encrypted data on the hard drives of three laptops as part of a federal investigation, Forbes reported on Friday. Many modern Windows ...
SiliconANGLE

Skeleton Key attack shows how hackers are bypassing malware defenses using legitimate software

Attackers are increasingly bypassing traditional malware defenses by weaponizing legitimate remote monitoring and management tools to establish persistent backdoor access inside enterprise ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...