The Hacker News

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.
The Hacker News

Where Multi-Factor Authentication Stops and Credential Abuse Starts

Seven Windows authentication paths bypass MFA protections, enabling credential attacks through AD, NTLM, Kerberos, RDP, SMB, and service accounts.
Microsoft

Malicious AI Assistant Extensions Harvest LLM Chat Histories

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek.
InfoWorld

What I learned as an undercover agent on Moltbook

Activity on the Reddit-style social network for OpenClaw agents raises serious cybersecurity and privacy concerns.