A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source registry, uses an Ethereum smart contract to establish a communication channel with the attacker. […]
Microsoft: SesameOp malware abuses OpenAI Assistants API in attacks
Microsoft security researchers have discovered a new backdoor malware that uses the OpenAI Assistants API as a covert command-and-control channel. […]
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive
Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry that harbors a remote access trojan called SleepyDuck.
According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to
According to Secure Annex’s John Tuckner, the extension in question, juan-bianco.solidity-vlang (version 0.0.7), was first published on October 31, 2025, as a completely benign library that was subsequently updated to version 0.0.8 on November 1 to
US cybersecurity experts indicted for BlackCat ransomware attacks
Three former employees of cybersecurity incident response companies DigitalMint and Sygnia have been indicted for allegedly hacking the networks of five U.S. companies in BlackCat (ALPHV) ransomware attacks between May 2023 and November 2023. […]
Hackers use RMM tools to breach freighters and steal cargo shipments
Threat actors are targeting freight brokers and trucking carriers with malicious links and emails to deploy remote monitoring and management tools (RMMs) that enable them to hijack cargo and steal physical goods. […]
Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case
Yuriy Igorevich Rybtsov, aka MrICQ, was arrested in Italy and lost his appeal to avoid extradition to the US.
The post Ukrainian Extradited to US Faces Charges in Jabber Zeus Cybercrime Case appeared first on SecurityWeek.
How Software Development Teams Can Securely and Ethically Deploy AI Tools
To deploy AI tools securely and ethically, teams must balance innovation with accountability—establishing strong governance, upskilling developers, and enforcing rigorous code reviews.
The post How Software Development Teams Can Securely and Ethically Deploy AI Tools appeared first on SecurityWeek.
Microsoft: Patch for WSUS flaw disabled Windows Server hotpatching
An out-of-band (OOB) security update that patches an actively exploited Windows Server Update Service (WSUS) vulnerability has broken hotpatching on some Windows Server 2025 devices. […]
OAuth Device Code Phishing: Azure vs. Google Compared
Device code phishing abuses the OAuth device flow — Azure can yield very powerful tokens while Google limits scopes, reducing the blast radius. Register for Huntress Labs’ Live Hack to see live Microsoft 365 attack demos, explore defensive tactics, and get an Identity Security Assessment. […]
Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases
Kolter leads a panel at OpenAI that has the authority to halt the ChatGPT maker’s release of new AI systems if it finds them unsafe.
The post Who is Zico Kolter? A Professor Leads OpenAI Safety Panel With Power to Halt Unsafe AI Releases appeared first on SecurityWeek.