The Hacker News

SloppyLemming Targets Pakistan and Bangladesh Governments Using Dual Malware Chains

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025–2026.
Microsoft

OAuth redirection abuse enables phishing and malware delivery

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.
Infosecurity-magazine.com

World Leaks Ransomware Group Adds Stealthy, Custom Malware ‘RustyRocket’ to Attacks

World Leaks, the cyber-criminal data extortion group which has targeted some of the world’s biggest companies, has added a novel, never-before-seen malware to their arsenal, research by Accenture ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...
CSOonline

Sicarii ransomware locks your data and throws away the keys

A key-handling defect in the ransomware can permanently lock files by discarding private encryption keys, leaving affected organizations unable to recover data even if a ransom is paid. A newly ...
Redmond Pie

Microsoft’s Bitlocker Encryption Keys Given To The FBI Set A Worrying Precedent

Microsoft was asked last year to give the FBI access to the encryption keys used by BitLocker to protect data on three laptops. The company complied and warned that it receives around 20 similar ...
Dark Reading

Vibe-Coded 'Sicarii' Ransomware Can't Be Decrypted

Victims hit with the emerging Sicarii ransomware should never opt to pay up: the decryption process doesn't work, likely a result of an unskilled cybercriminal using vibe-coding to create it.
CNBC

Quantum computing will threaten all public key encryption, Citi analyst warns

Monday - Friday, 08:00 - 11:00 CET | 14:00 - 17:00 HK/SG Ronit Ghose, Global Head of Future of Finance at Citi, discusses why post-quantum cryptography is key to fighting quantum threats. Got a ...
PC Gamer

Microsoft says sure, it'll hand over your encrypted data to the FBI: 'The lesson here is that if you have access to keys, eventually law enforcement is going to come'

"Microsoft believes customers are in the best position to decide how to manage their keys." When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works.
TechSpot

Microsoft's BitLocker encryption comes with a catch: the keys may be on Microsoft's servers

In context: Tech companies promote device encryption to reassure customers that their data remains private. Some, such as Apple, have resisted requests from authorities to bypass encryption. However, ...
Gizmodo

Microsoft Reportedly Turned Over BitLocker Encryption Keys to the FBI

Microsoft handed over encryption keys for its hard drive encryption software BitLocker to the FBI last year, complying with a search warrant tied to a fraud investigation in Guam. This marks the first ...
techtimes

Microsoft Account Security: Protect Windows Accounts with Built-In Tools and Features

Microsoft account security is essential for protecting data across Outlook, Xbox, and Windows devices. Unprotected accounts are prime targets for phishing, ransomware, and unauthorized access, making ...