CSO Online

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users

A hacker noticed the change in its status and hijacked the dead add-in and its 4.71-star rating to conduct a phishing campaign that the company which uncovered the attack, plug-in security company Koi ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Oklahoma carries out its first execution of 2026 on a man convicted of double killing

Oklahoma has carried out its first execution of the year on a man convicted of killing two men in a drive-by shooting.

Claude desktop extension can be hijacked to send out malware by a simple Google Calendar event

AI assistants apparently can't distinguish between instructions and data, and that is at the center of many zero-click prompt ...

I unlocked God Mode in Windows 11 with this text string - here's what it does

First, make sure you're signed into your Windows 11 PC with an account that has administrative privileges. By default, your own account should have the necessary rights. To confirm this, go to ...