VS Code zero-day lets hackers steal GitHub tokens in one click

A security researcher has released exploit code for a Visual Studio Code (VS Code) zero-day vulnerability that allows attackers to steal GitHub authentication tokens by tricking users into clicking a link. Microsoft classifies a software flaw as a zero-day if it is publicly disclosed and/or actively exploited with no official patch currently available. As researcher Ammar Askar explained […]

Over 116,000 Minecraft systems infected in WeedHack malware campaign

A large-scale malware campaign dubbed WeedHack is targeting Minecraft players and has infected more than 116,000 systems since January. The malware is distributed through Minecraft-related malicious mods, clients, cheats, and utilities that are promoted over YouTube and SEO (search engine optimization) poisoning. WeedHack works as a malware-as-a-service (MaaS) infostealer operation that offers a dashboard for […]

Hackers hijack thousands of sites for ClickFix and FakeUpdate attacks

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and FakeUpdates techniques on compromised sites. Thousands of websites have been compromised in DriveSurge campaigns to redirect visitors to malware-delivery infrastructure, according to researchers at cybersecurity company SilentPush. ClickFix is a popular social engineering tactic that deceives victims into copying […]

Red Hat npm packages compromised to steal developer credentials

More than 30 npm packages under Red Hat’s ‘@redhat-cloud-services’ namespace were compromised in a supply-chain attack that distributed a new variant of the Shai-Hulud credential-stealing malware, dubbed “Miasma.” The incident was discovered by security firms Aikido and OX Security, which found dozens of package versions backdoored with malware designed to steal developer credentials, cloud secrets, SSH […]

Spain arrests doxer leaking sensitive data of govt employees

The Spanish National Police has arrested an individual for leaking sensitive information related to members of various key state organizations, including the National Cybersecurity Institute (INCIBE). According to authorities, the individual is responsible for a massive leak of personal data, which carried national security risks because of the people exposed. The police notes that the […]

Dashlane password manager users locked out by brute force attacks

Multiple Dashlane users have been locked out of their accounts following brute-force attacks that attempted logins from distant locations and unknown devices. In a statement to BleepingComputer, the password management service confirmed that the suspensions were part of an automated security response designed to protect against account hijacking. “We can confirm that certain Dashlane user […]

Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. The company fixed the CVE-2026-0257 flaw earlier this month, warning that it could be used to establish unauthorized VPN connections on the device. “GlobalProtect portal and gateway of Palo Alto Networks […]