Menu

25 Latest Articles Current Articles | Archives | Search
23

North Korean Hackers Abuse VS Code Auto-Run Tasks to Deploy StoatWaffle Malware

Master Code Fu posted on March 23, 2026 20:37
The North Korean threat actors behind the Contagious Interview campaign, also tracked as WaterPlum, have been attributed to a malware family tracked as StoatWaffle that's distributed via malicious Microsoft Visual Studio Code (VS Code) projects. The use of VS Code "tasks.json" to distribute malware is a relatively new tactic adopted by the threat actor since December 2025, with the attacks

[Read the rest of this article...]

Posted in: Security News
Actions: E-mail | Permalink | Comments (0) RSS comment feed
23

⚡ Weekly Recap: CI/CD Backdoor, FBI Buys Location Data, WhatsApp Ditches Numbers & More

Master Code Fu posted on March 23, 2026 20:37
Another week, another reminder that the internet is still a mess. Systems people thought were secure are being broken in simple ways, showing many still ignore basic advisories. This edition covers a mix of issues: supply chain attacks hitting CI/CD setups, long-abused IoT devices being shut down, and exploits moving quickly from disclosure to real attacks. There are also new malware tricks

[Read the rest of this article...]

Posted in: Security News
Actions: E-mail | Permalink | Comments (0) RSS comment feed
23

We Found Eight Attack Vectors Inside AWS Bedrock. Here's What Attackers Can Do with Them

Master Code Fu posted on March 23, 2026 20:37
AWS Bedrock is Amazon's platform for building AI-powered applications. It gives developers access to foundation models and the tools to connect those models directly to enterprise data and systems. That connectivity is what makes it powerful – but it’s also what makes Bedrock a target. When an AI agent can query your Salesforce instance, trigger a Lambda function, or pull from a SharePoint

[Read the rest of this article...]

Posted in: Security News
Actions: E-mail | Permalink | Comments (0) RSS comment feed
23

Microsoft Warns IRS Phishing Hits 29,000 Users, Deploys RMM Malware

Master Code Fu posted on March 23, 2026 20:37
Microsoft has warned of fresh campaigns that are capitalizing on the upcoming tax season in the U.S. to harvest credentials and deliver malware. The email campaigns take advantage of the urgency and time-sensitive nature of emails to send phishing messages masquerading as refund notices, payroll forms, filing reminders, and requests from tax professionals to deceive recipients into opening

[Read the rest of this article...]

Posted in: Security News
Actions: E-mail | Permalink | Comments (0) RSS comment feed
23

Trivy Hack Spreads Infostealer via Docker, Triggers Worm and Kubernetes Wiper

Master Code Fu posted on March 23, 2026 20:37
Cybersecurity researchers have uncovered malicious artifacts distributed via Docker Hub following the Trivy supply chain attack, highlighting the widening blast radius across developer environments. The last known clean release of Trivy on Docker Hub is 0.69.3. The malicious versions 0.69.4, 0.69.5, and 0.69.6 have since been removed from the container image library. "New image tags 0.69.5 and

[Read the rest of this article...]

Posted in: Security News
Actions: E-mail | Permalink | Comments (0) RSS comment feed
Page 1 of 10First   Previous   [1]  2  3  4  5  6  7  8  9  10  Next   Last