@phongxuan

AppsFlyer Web SDK hijacked to spread crypto-stealing JavaScript code

1h ago · 3 min read · The AppsFlyer Web SDK was temporarily hijacked this week with malicious code used to steal cryptocurrency in a supply-chain attack. The payload can intercept cryptocurrency wallet addresses entered on websites and replace them with attacker-controlle...

Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

1h ago · 2 min read · Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices that receive hotpatch updates instead of the regular Patch Tuesday cumulative updates. The hotpatch update was released yest...

FBI seeks victims of Steam games used to spread malware

1d ago · 3 min read · The FBI is asking gamers who installed Steam titles containing malware to provide information as part of an ongoing investigation into eight malicious games uploaded to the gaming platform. In a notice published today by the FBI's Seattle Division, t...

Microsoft: Windows 11 users can't access C: drive on some Samsung PCs

1d ago · 2 min read · Microsoft is investigating a new issue affecting some Samsung laptops running Windows 11 after installing the February 2026 security updates, in which users lose access to their C:\ drive and are unable to launch applications. The company says it is ...

Fake enterprise VPN downloads used to steal company credentials

2d ago · 2 min read · A threat actor tracked as Storm-2561 is distributing fake enterprise VPN clients from Ivanti, Cisco, and Fortinet to steal VPN credentials from unsuspecting users. The attackers manipulate search results (SEO poisoning) for common queries like “Pulse...