The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
Dark Reading

Salesforce Data Thefts Continue via Klue App Compromise

More Salesforce instances have been breached by threat actors abusing a third-party application integration, this time through Klue's Battlecards app. The attacks, which are the latest in a series of ...

Pink is the latest goon squad to use fake helpdesk calls to steal creds

UPDATED A new extortion brand called Pink – which may be a rebrand of BlackFile – uses voice phishing and fake help-desk ...

The attack dominating financial services doesn't steal passwords. It resets MFA and steals the token.

Credential theft fell to 13% of breach vectors in 2026. Attackers now bypass MFA via help desk resets and OAuth token theft.
note

The Complete Guide to Remotely Controlling Excel and Word with AI: A Thorough Explanation of All Methods from MCP to Python

Are you still clicking through Excel and Word by hand? Hello! I'm Unico🦄! I'm going to be blunt: as of May 2026, there are still people out there clicking on Excel cells one by one, right? There are ...
thearabianpost

Routers deepen APT28’s espionage reach

Russian military-linked hackers tracked as APT28 have shifted cyber operations into compromised internet routers, using the MooBot botnet and vulnerable edge devices to harvest credentials, route ...
Microsoft

Microsoft 365

Showing terms for the Microsoft Customer Agreement program. Not all terms apply to all products and programs. Get help selecting a program. Microsoft 365 A5 eDiscovery and Audit - Student Use Benefit ...
Microsoft

AI brands as bait: How threat actors are using the AI hype in social engineering

As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself ...