Graham Cluley

RAT flies under the radar with exploit-laden file downloaded by decoy Word document

A malware campaign is using a decoy Word document to automatically download an exploit-laden file and install a remote administration tool (RAT) for nefarious purposes. SANS Internet Storm Center (ISC ...
Bleeping Computer

Hackers exploit Microsoft MSHTML bug to steal Google, Instagram creds

A newly discovered Iranian threat actor is stealing Google and Instagram credentials belonging to Farsi-speaking targets worldwide using a new PowerShell-based stealer dubbed PowerShortShell by ...
Ars Technica

Code execution 0-day in Windows has been under active exploit for 7 weeks

A critical code execution zero-day in all supported versions of Windows has been under active exploit for seven weeks, giving attackers a reliable means for installing malware without triggering ...