CSO Online

Ivanti patches two actively exploited critical vulnerabilities in EPMM

The code injection flaws allow for unauthenticated remote code execution on Ivanti Endpoint Manager Mobile deployments, but ...
The Hacker News

Fake Moltbot AI Coding Assistant on VS Code Marketplace Drops Malware

A fake VS Code extension posing as a Moltbot AI assistant installed ScreenConnect malware, giving attackers persistent remote ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

North Korean cybercriminals are using an AI-generated PowerShell backdoor

North Korean cybercriminals are targeting developers with access to blockchains. A PowerShell backdoor appears to be ...
GitHub

kubetail-org/fancy-ansi

Failure to parse some of our users' ANSI markup Use of hard-coded styles that made customization more difficult Lack of support for CSS variables To solve these problems and make something that ...
GitHub

Extract TOTP/HOTP secrets from QR codes exported by two-factor authentication apps

The Python script extract_otp_secrets.py extracts one time password (OTP) secrets from QR codes exported by two-factor authentication (2FA) apps such as "Google Authenticator". The exported QR codes ...