Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
Redmondmag.com

Planning for PowerShell Script Usage in a Multiplatform Environment

Let's examine the challenges of running Windows-dependent PowerShell scripts from Linux and compares three practical approaches -- dual booting, WinBoat and Windows Server RemoteApp -- to maintaining ...
Hackaday

BreezyBox: A BusyBox-Like Shell And Virtual Terminal For ESP32

Much like how BusyBox crams many standard Unix commands and a shell into a single executable, so too does BreezyBox provide a ...
The Hacker News

SolarWinds Web Help Desk Exploited for RCE in Multi-Stage Attacks on Exposed Servers

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.
How-To Geek on MSN

These are the 3 coolest Linux apps you should try this weekend

Here's your ticket to make your own retro platform game, right on your Linux desktop.
Que.com on MSN

China-linked Lotus Blossom breaches Notepad++ hosting, spreads malware

A recent supply-chain-style intrusion has put a spotlight on a familiar truth in cybersecurity: attackers don’t always need to hack ...
Infosecurity-magazine.com

Rootshell Security

Maintain and improve your security posture year-round with Penetration Testing as a Service – an ongoing, real-time, and holistic security strategy, offering greater protection against cyber threats.