Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks

/in

In files downloaded from the internet, HTML tags referencing external paths could be used to leak NTLM hashes during file previews.

The post Microsoft Disables Downloaded File Previews to Block NTLM Hash Leaks appeared first on SecurityWeek.

SecurityWeek – ​Read More

I was prepared for an eSIM transfer nightmare, but this carrier changed my mind completely

/in

Transferring your phone number can be a mess, especially if you’re going from iPhone to Android. Here’s how I flipped the script.

Latest news – ​Read More

Self-Spreading ‘GlassWorm’ Infects VS Code Extensions in Widespread Supply Chain Attack

/in

Cybersecurity researchers have discovered a self-propagating worm that spreads via Visual Studio Code (VS Code) extensions on the Open VSX Registry and the Microsoft Extension Marketplace, underscoring how developers have become a prime target for attacks.
The sophisticated threat, codenamed GlassWorm by Koi Security, is the second such supply chain attack to hit the DevOps space within a span

The Hacker News – ​Read More

Pwn2Own WhatsApp Hacker Says Exploit Privately Reported to Meta

/in

Questions have been raised over the technical viability of the purported WhatsApp exploit, but the researcher says he wants to keep his identity private.

The post Pwn2Own WhatsApp Hacker Says Exploit Privately Reported to Meta appeared first on SecurityWeek.

SecurityWeek – ​Read More

North Korean hacking group targeting European drone maker with ScoringMathTea malware

/in

Researchers at ESET said they found evidence of a new tentacle of the long-running Operation DreamJob campaign — where North Korea’s Lazarus group sends malware-laden emails purporting to be from recruiters at top companies.

The Record from Recorded Future News – ​Read More

US Crypto Bust Offers Hope in Battle Against Cybercrime Syndicates

/in

A $14 billion seizure by US investigators presents a warning for cybercriminals’ reliance on bitcoin but is still a positive development for the cryptocurrency industry.

darkreading – ​Read More

These $300 rugged Android phones have no business being this good for the money

/in

If you’re looking for a phone that is as rugged as a tank, but performs more like a Chevy Supersport, Oukitel might have one just for you.

Latest news – ​Read More

How Hacked Card Shufflers Allegedly Enabled a Mob-Fueled Poker Scam That Rocked the NBA

/in

WIRED recently demonstrated how to cheat at poker by hacking the Deckmate 2 card shufflers used in casinos. The mob was allegedly using the same trick to fleece victims for millions.

Security Latest – ​Read More

Fear the ‘SessionReaper’: Adobe Commerce Flaw Under Attack

/in

CVE-2025-54236 is a critical flaw in Adobe Commerce (formerly Magento) that allows attackers to remotely take over sessions on the e-commerce platform.

darkreading – ​Read More

Medusa Ransomware Leaks 834 GB of Comcast Data After $1.2M Demand

/in

Medusa ransomware leaks 186 GB of Comcast data, claiming 834 GB stolen after a $1.2M ransom demand apparently went unpaid.

Hackread – Cybersecurity News, Data Breaches, Tech, AI, Crypto and More – ​Read More