SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. An ongoing campaign, ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.
ExtremeTech

OpenAI Brings Codex AI Coding App to Windows

OpenAI's Codex coding app is available on Windows after a period of exclusivity to macOS. The app is a hub where developers can manage multiple AI agents within a single project, allowing them to ...

Someone rebuilt Task Scheduler for Windows 11 and it goes way harder than it has any right to

A modern Task Scheduler for Windows 11 exists now, and honestly Microsoft should be embarrassed. Plus, it's free.

ClickFix attackers using new tactic to evade detection, says Microsoft

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.
The Hacker News

Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

OpenAI Launches Codex Desktop App for Windows, Bringing AI Coding Agents to PC Developers

OpenAI has released its Codex desktop app for Windows, adding a native sandbox and PowerShell support, enabling developers to ...

Cork Cyber Launches Software Installer Scripts, Begins its Expansion to Continuous Risk Intelligence Remediation

Cork Cyber's Software Installer Scripts enable MSPs to generate dynamic installer scripts for vulnerable & outdated ...

OpenAI brings its Codex coding app to Windows

After debuting on macOS, OpenAI has brought its standalone Codex app to Windows. (OpenAI) At the start of February, OpenAI ...

Forget 'debloat apps.' Sophia Script gives you real control over Windows 11. Here's how it works.

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10). It is ...
The Hacker News

ScarCruft Uses Zoho WorkDrive and USB Malware to Breach Air-Gapped Networks

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...