npm has taken down all versions of the Stylus library and replaced them with a “security holding” page, breaking pipelines and builds worldwide that rely on the package. […]
New Coyote Malware Variant Exploits Windows UI Automation to Steal Banking Credentials
The Windows banking trojan known as Coyote has become the first known malware strain to exploit the Windows accessibility framework called UI Automation (UIA) to harvest sensitive information.
“The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher Tomer
“The new Coyote variant is targeting Brazilian users, and uses UIA to extract credentials linked to 75 banking institutes’ web addresses and cryptocurrency exchanges,” Akamai security researcher Tomer
Should We Trust AI? Three Approaches to AI Fallibility
Experts unpack the risks of trusting agentic AI, arguing that fallibility, hype, and a lack of transparency demand caution—before automation outpaces our understanding.
The post Should We Trust AI? Three Approaches to AI Fallibility appeared first on SecurityWeek.
France Says Administrator of Cybercrime Forum XSS Arrested in Ukraine
French authorities announced that an alleged admin of XSS.is, one of the longest-running cybercrime forums, has been arrested in Ukraine.
The post France Says Administrator of Cybercrime Forum XSS Arrested in Ukraine appeared first on SecurityWeek.
UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble?
Critics warn that a ban on ransomware payments may lead to dangerous unintended consequences, including forcing victims into secrecy or incentivizing attackers to shift tactics.
The post UK’s Ransomware Payment Ban: Bold Strategy or Dangerous Gamble? appeared first on SecurityWeek.
Coyote Banking Trojan First to Abuse Microsoft UIA
Akamai’s analysis of the Coyote malware revealed that it abuses Microsoft’s UIA accessibility framework to obtain data.
The post Coyote Banking Trojan First to Abuse Microsoft UIA appeared first on SecurityWeek.
Operator of Jetflix illegal streaming service gets 7 years in prison
The ringleader of the Jetflicks illegal paid streaming operation, a massive service with tens of thousands of subscribers, was sentenced to seven years in prison. […]
Organizations Warned of Interlock Ransomware Attacks
The US government has issued an alert on the Interlock ransomware, which targets organizations via drive-by download attacks.
The post Organizations Warned of Interlock Ransomware Attacks appeared first on SecurityWeek.
Kerberoasting Detections: A New Approach to a Decade-Old Challenge
Security experts have been talking about Kerberoasting for over a decade, yet this attack continues to evade typical defense methods. Why? It’s because existing detections rely on brittle heuristics and static rules, which don’t hold up for detecting potential attack patterns in highly variable Kerberos traffic. They frequently generate false positives or miss “low-and-slow” attacks altogether.&
Microsoft fixes bug behind incorrect Windows Firewall errors
Microsoft has resolved a known issue that triggers invalid Windows Firewall errors after rebooting Windows 11 24H2 systems with the June 2025 preview update installed. […]