Infosecurity Magazine

PureLogs Variant Steals Data via Purchase Order Lures

The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...
The Hacker News

TrapDoor Supply Chain Attack Spreads Credential-Stealing Malware via npm, PyPI, and CratesIO

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.
Bitdefender

Microsoft’s MSHTA Legacy Tool Still Powers Malware Campaigns on Windows

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...
The Hacker News

ThreatsDay Bulletin: Linux Rootkits, Router 0-Day, AI Intrusions, Scam Kits and 25 New Stories

A token leaks. A bad package slips in. A login trick works. An old tool shows up again. At first, it feels like the usual mess. Then you see the pattern: attackers are not always breaking in. They are ...
GitHub

expl_copy_fail_cve_2026_31431.yar

description = "Detects forensic artifacts related to public Copy Fail (CVE-2026-31431) exploit PoCs, including known tiny ELF shell payloads, Python exploit code fragments, AF_ALG/authencesn/splice ...
GitHub

KUMAKAIHA/CyberChef_Chinese_release

这些操作包括简单编码(如 XOR 和 Base64)、更复杂的加密(如 AES、DES 和 Blowfish)、生成二进制及十六进制转储、数据压缩与解压缩、计算哈希值和校验和、IPv6 与 X.509 解析、字符编码转换等。