EndClient RAT arrives as a signed MSI named “StressClear.msi,” which abuses code-signing trust and SmartScreen gaps. The package decoys with a VeraPort component while an obfuscated AutoIt loader executes in memory, establishes the IoKlTr task, and opens a JSON-over-TCP C2. To reduce risk, restrict MSI installs, enforce SmartScreen blocking, instrument MSI→AutoIt lineage, and remove scheduled tasks used for persistence.
Instagram’s latest overhaul introduces PG-13-level restrictions for teen accounts. Under the update, users under 18 will have tighter filters, limited searches, and parental approval requirements for more open settings.
A malicious MCP server can exfiltrate API keys and sensitive data from applications, exposing how trust in developer frameworks can be abused.
Security researchers discovered a critical vulnerability in Oracle E-Business Suite (EBS) that enables privilege escalation across enterprise systems. The flaw, tracked under CVE-2025-31245, could allow attackers to execute administrative actions without proper authorization if left unpatched.
A new campaign runs a clever tech support scam by hijacking Microsoft’s trusted branding. Victims encounter fake emails, CAPTCHA checks, browser-locking overlays, and a bogus phone “helpdesk” all designed to steal credentials or remote access. This article breaks down how the scam works, real indicators, and how you can defend yourself.
TikTok’s future in the United States is undergoing a dramatic shift. Under a new deal, the app’s powerful recommendation algorithm will be retrained exclusively on U.S. user data, with a consortium of American investors taking control. While framed as a national security safeguard, experts warn the move could reshape TikTok’s content, amplify political influence, and…
AI-powered ransomware is revolutionizing cybercrime. Using artificial intelligence, attackers automate targeting, evasion, and encryption enabling self-learning, large-scale attacks that outpace human defenses.
The UN is set to convene a landmark global cybercrime treaty signing in Hanoi, aiming to enhance cross-border cooperation and streamline investigations into ransomware, phishing and online trafficking. While supporters hail the pact as overdue, human-rights advocates and tech firms warn the broad language and choice of host country raise serious concerns about surveillance and enforcement.
Docker Compose CVE-2025-62725 enables path traversal that can overwrite host files from malicious compose artifacts. Update to v2.40.2, restrict sources, and audit caches.
The Lazarus Group launched a sophisticated social-engineering campaign targeting European unmanned aerial vehicle (UAV) manufacturers via fake job offers to steal intellectual property and design data. Understanding the “Operation DreamJob” method, infection chain and mitigation is critical for defense supply-chain security.