AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...
InfoWorld

Programming Languages

Rust developers have three big worries – survey Most Rust developers are satisfied with the pace of the language’s evolution, but many are concerned Rust does not get enough usage in tech, the 2025 ...
XDA Developers on MSN

Google kept featuring this Chrome extension for months after it turned malicious

How can an extension change hands with no oversight?
InfoWorld

JetBrains launches Air and Junie CLI for AI-assisted development

Air is an environment for managing multiple coding agents side by side, while Junie CLI is a coding agent that supports Anthropic, OpenAI, Google, and other LLMs.
WinBuzzer

Fake Claude Code Pages Spread Malware to Developers via Google Ads

A malvertising campaign has spread fake Claude Code install pages through Google Ads, delivering the Amatera infostealer to ...