LinkedIn Hidden Code Secretly Scans Users’ Computers for Installed Software
A new investigation by Fairlinked e.V.
Microsoft
20 articles
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed ...
LinkedIn secretly scans for 6,000+ Chrome extensions, collects data
A new report dubbed "BrowserGate" warns that Microsoft's LinkedIn is using hidden JavaScript scripts on its website to scan visitors' browsers for installed ...
Malicious LNK files, GitHub leveraged in South Korea-targeted malware campaign
Infosecurity Magazine reports that Windows users across South Korea have been subjected to attacks involving illicit LNK files that trigger multi-stage compr...
Microsoft Details Cookie-Controlled PHP Web Shells Persisting via Cron on Linux Servers
Threat actors are increasingly using HTTP cookies as a control channel for PHP-based web shells on Linux servers and to achieve remote code execution, accord...
Microsoft Forces Unmanaged Windows 11 Devices to Upgrade to Version 24H2
Microsoft has officially initiated an automated, machine-learning-based rollout for Windows 11, version 25H2, targeting unmanaged systems. As part of its ong...
Infrastructure Engineer Pleads Guilty to Locking 254 Windows Servers at Former Employer
Daniel Rhyne, a 59-year-old former core infrastructure engineer, pleaded guilty on April 1, 2026, to federal hacking and extortion charges. He admitted to lo...
Windows Security app gets Secure Boot certificate status indicators as 2026 expiration approaches
Microsoft’s Secure Boot certificates, issued in 2011, are approaching expiration in 2026. To help IT administrators track whether devices have received repla...
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for ...
Kimsuky Uses Malicious LNK Files to Drop Python Backdoor
Kimsuky is using multi-stage malicious LNK files to deploy a Python-based backdoor, adding new intermediate scripts while keeping the final payload logic lar...
Man admits to locking thousands of Windows devices in extortion plot
A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employ...
Microsoft now force upgrades unmanaged Windows 11 24H2 PCs
Starting this week, Microsoft has begun force-upgrading unmanaged devices running Windows 11 24H2 Home and Pro editions to Windows 11 25H2. [.
Microsoft releases open-source toolkit to govern autonomous AI agents
AI agents can book travel, execute financial transactions, write and run code, and manage infrastructure without human intervention at each step. Frameworks ...
North Korea Uses GitHub as C2 in New LNK Phishing Campaign
A new phishing campaign that uses malicious Windows shortcut (LNK) files to target users in South Korea, while abusing GitHub as Command and Control (C2) inf...
Top 10 Best SaaS Security Posture Management (SSPM) Tools 2026
The rapid and relentless adoption of Software-as-a-Service (SaaS) applications has fundamentally transformed how businesses operate in 2026. From critical pr...
Global Microsoft device code phishing facilitated by novel EvilTokens kit
BleepingComputer reports that organizations around the world, particularly in the U.S.
Threat actor abuse of AI accelerates from tool to cyberattack surface
Generative AI is upgrading cyberattacks, from 450% higher phishing click‑through rates to industrialized MFA bypass. The post Threat actor abuse of AI accele...
Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments
Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examine...
Microsoft Warns of WhatsApp Attachments Spreading Backdoor on Windows PCs
Microsoft warns of a WhatsApp attachments spreading VBS malware that installs backdoors on Windows PCs, giving hackers remote access and control systems.
Akira-Style Ransomware Campaign Hits Windows Users Across South America
A newly identified ransomware campaign is targeting Windows users across South America, leveraging tactics that closely mimic the notorious Akira ransomware ...