New Java-Based QuimaRAT MaaS Built to Run on Windows, Linux, and macOS

Cybersecurity researchers have flagged a novel Java-based remote access trojan (RAT) called QuimaRAT that’s capable of targeting Windows, Linux, and macOS environments.

According to LevelBlue, the cross-platform malware is advertised under a malware-as-a-service (MaaS) model, costing anywhere between $150 for one month to $1,200 for lifetime access. Other subscription tiers include $300 for

The Hacker News – ​Read More

ICE’s Internal Watchdog Is Now Investigating Online Critics

The Office of Professional Responsibility has opened more than 100 cases over what ICE officials call “incidents of doxing and threats” against ICE employees.

Security Latest – ​Read More

New TrojPix Attack Leaks Data From Air-Gapped Systems via Video Cable Emissions

Researchers at Shandong University have shown a fast new way to pull data off computers that are cut off from every network. The technique, called TrojPix, tweaks on-screen pixels in ways the eye cannot see, so that the video cable carrying them radiates a faint radio signal a nearby receiver can decode.

But TrojPix works only once malware is already on the target machine, so it

The Hacker News – ​Read More

Opera GX Flaw Let Malicious Sites Auto-Install Mods to Steal Data From Visited Pages

Researchers found a flaw in Opera GX, the gaming-focused version of the Opera browser, that let a malicious website silently install a browser add-on and use it to lift specific data from the pages a victim visits.

In a proof of concept, they reconstructed a signed-in user’s full Gmail address from a single visit, with no click. Opera has patched the flaw and says it found no evidence that

The Hacker News – ​Read More

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing

Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new study from researchers at the Hong Kong University of Science and Technology.

Their strongest trick slipped past every scanner tested more than 90% of the time, and the same team built a runtime checker that catches most of the

The Hacker News – ​Read More

Alibaba reportedly bans employees from using Claude Code

Alibaba has reportedly classified Claude Code as high-risk software.

Security News | TechCrunch – ​Read More

U.S. Government Entity Paid Kairos $1 Million in Data-Theft Extortion Case

A U.S. government entity paid about $1 million to keep stolen files from being leaked, according to a new case study by Rakesh Krishnan for Ransom-ISAC, built on a leaked negotiation chat and the blockchain trail the payment left.

The odd part: the group that took the money calls itself Kairos, but it may not be a ransomware gang at all. Krishnan found no sign that it ever locked a single

The Hacker News – ​Read More

The Lean Expansion Playbook AI Startups Are Using to Build Global Teams

Learn how AI startups use global hiring, EOR partners, and remote systems to access talent, stay compliant, and extend runway efficiently for sustainable growth.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

North Korean Hackers Publish 108 Malicious Packages and Extensions in PolinRider Campaign

The North Korean threat actors linked to the Contagious Interview campaign have been observed publishing 108 unique packages and web browser extensions spanning npm, Packagist, Go, and Google Chrome as part of an ongoing activity referred to as PolinRider.

“The campaign remains active, and new malicious packages are likely to continue appearing as threat actors compromise maintainer accounts,

The Hacker News – ​Read More

I tried Android Auto’s new Adobe Acrobat PDF app – and it’s surprisingly useful

No, you can’t read and drive. But you can catch up on important documents.

Latest news – ​Read More