Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Microsoft Warns Python Infostealers Target macOS via Fake Ads and Installers

Python infostealers are spreading from Windows to macOS via Google Ads, ClickFix lures, and fake installers to steal credentials and financial data.

Hacker who stole 120,000 bitcoins wants a second chance—and a security job

In 2023, Lichtenstein and his wife, Heather Morgan, pleaded guilty to money laundering conspiracy in a wild 2016 scheme to steal 120,000 bitcoins (worth over $10 billion today) from Bitfinex, a ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Malicious packages for dYdX cryptocurrency exchange empties user wallets

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...
Reuters

Oracle tells clients of second recent hack, log-in data stolen, Bloomberg News reports

April 2 (Reuters) - Oracle (ORCL.N), opens new tab has told customers that a hacker broke into a computer system and stole old client log-in credential, Bloomberg News reported on Wednesday, citing ...
Wall Street Journal

Cybercrime and Hacking

Authorities are investigating the social-media platform’s role in deepfake images and alleged foreign interference in French politics. The company is targeting a global network employed by hackers and ...