SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. An ongoing campaign, ...

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Stop the Slop: 8 Tools That Clean Up Windows 11

If Windows 11 feels cluttered with AI features, ads, and background services, these free debloating tools can help. Here are some of the most popular ways ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Someone rebuilt Task Scheduler for Windows 11 and it goes way harder than it has any right to

A modern Task Scheduler for Windows 11 exists now, and honestly Microsoft should be embarrassed. Plus, it's free.

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

ClickFix attackers using new tactic to evade detection, says Microsoft

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.

Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal

A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting ...

OpenAI Launches Codex Desktop App for Windows, Bringing AI Coding Agents to PC Developers

OpenAI has released its Codex desktop app for Windows, adding a native sandbox and PowerShell support, enabling developers to ...
GitHub

install-new-teams-v2.ps1

including the Outlook Add-in and sets required registry keys for Citrix VDA as well. The new Teams is based on EdgeWebView Runtime and willbe installed as well. You ...

Forget 'debloat apps.' Sophia Script gives you real control over Windows 11. Here's how it works.

The Sophia Script is an open-source PowerShell module designed to debloat and fine-tune Windows 11 (and Windows 10). It is ...
Cryptopolitan

I Almost Got Hacked on a Microsoft Teams Call — Here’s How the Scam Works

Let me tell you how I came within steps of becoming a victim in an elaborate social engineering scheme designed to exploit something so routine and apparently ...