The Hacker News

Microsoft Warns of Photo ZIP Phishing Campaign Targeting Hotels with Node.js Implant

Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...

Deno project is going to add cross-platform desktop apps in next major update

The next major release of Deno, a JavaScript/TypeScript runtime, will include new commands to build cross-platform desktop ...
Dark Reading

'Djinn' Stealer Targets Cloud, AI Credentials

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

Fake CAPTCHA Scam 'ClickFix' Spreads Malware Across 700 Trusted Websites, Tricks Users Into Installing Malware on Windows PCs

Researchers found attackers using fake CAPTCHA pages. Users should never run PowerShell or Windows commands requested by ...
Tech Times

Figma Config 2026: Code Layers Challenge Cursor as GPU Shaders Hit Paid Plans

Figma Config 2026 closed Thursday with Code Layers for GitHub-linked canvas editing, Figma Motion in open beta with CSS and ...
XDA Developers on MSN

7 little-known VS Code extensions that prove it's more than just an IDE

VS Code’s secret weapons ...
XDA Developers on MSN

I gave Penpot's code export a month against Figma's, and the difference was shocking

Both tools have a point, just different ones ...
GitHub

Obsidian JS Engine Plugin

Debugging your code blocks can be difficult, but JS Engine aims to make it a bit simpler. While writing your code blocks, you can use the js-engine-debug code block language. The special language adds ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
International Business Times

Microsoft Warns of Multi-Stage Hospitality Sector Cyberattack Using Fake Photo ZIPs, PowerShell and Node.js Malware

Microsoft reports an active cyber campaign targeting hotels in Europe and Asia using fake photo ZIPs, PowerShell malware, and Node.js implants with evolving evasion tactics. magnific.com Microsoft ...
Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

SimpleHelp Flaw Exploited to Deploy Malware Targeting Windows, macOS, and Linux

A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...