The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...

New font-rendering trick hides malicious commands from AI tools

A new font-rendering attack causes AI assistants to miss malicious commands shown on webpages by hiding them in seemingly harmless HTML.
Microsoft

Storm-2561 uses SEO poisoning to distribute fake VPN clients for credential theft

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since ...
Hackaday

Cellphone Hacks

Mozilla released the latest alpha version of their new mobile browser Fennec for Windows Mobile. It brings many new features and fixes, such as improved startup time and a caching system to help ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.
NDTV Profit on MSN

'Digital Lutera' fraud toolkit can hack your UPI account? NPCI denies

"NPCI has examined the report and clarifies that robust checks and safeguards are already in place to address such risks," the nodal payments body said.