Microsoft

Photo ZIP campaign targeting hospitality industry delivers Node.js implant for persistent access

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
Dark Reading

Russian APT 'Gamaredon' Upgrades Its Arsenal, Requiring New Defenses

In a report this week, ESET tracks 35 separate Gamaredon spear-phishing campaigns against Ukraine carried out last year. In ...
Redmondmag.com

PowerShell Trusted Hosts for Mixed Environments

Trusted host lists can help keep PowerShell remoting working in mixed domain and workgroup environments, but only if admins avoid overwriting existing WinRM settings.
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Task View not working or opening in Windows 11

If Task View is not working or opening in Windows 11, restart File Explorer, close all virtual desktops, re-enable the Task ...
The Hacker News

GitHub to Disable npm Install Scripts by Default to Stop Supply Chain Attacks

GitHub has announced what it said are "breaking changes" coming to npm version 12, one of which turns off install scripts by default to combat software supply chain threats. The changes aim to combat ...
The Hacker News

CISA Adds Cisco, Chrome, and Arista Flaws to KEV Catalog Amid Active Exploitation

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added three new vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog, following reports of active ...
Reuters

ChatGPT app hits 1 billion monthly active users in record time, data shows

June 2 (Reuters) - OpenAI's ChatGPT has crossed 1 billion global monthly active app users, becoming the fastest app ever to reach the milestone, ‌according to estimates from market intelligence firm ...