New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts ...

Malicious VSCode Marketplace extensions hid trojan in fake PNG file

A stealthy campaign with 19 extensions on the VSCode Marketplace has been active since February, targeting developers with ...
The Hacker News

Experts Confirm JS#SMUGGLER Uses Compromised Sites to Deploy NetSupport RAT

Researchers detail JS#SMUGGLER, a multi-stage web attack using JavaScript, HTA, and PowerShell to deploy NetSupport RAT on ...
CNET

Is That Link Legit? How to Spot and Avoid Scams in Your Inbox

"Smartphones do their best to block scam links, so attackers use tricks to make their links clickable," said Joshua McKenty, CEO of Polyguard.ai, a cybersecurity company that helps businesses protect ...
Mashable

Your Instagram account may have been compromised by hackers, too

The biggest stories of the day delivered to your inbox.