Microsoft Teams is getting an Efficiency Mode for slower PCs and Macs
Microsoft is preparing to roll out a new Efficiency Mode in Teams to help the app run better on hardware-constrained devices. Microsoft’s message center says…
Linux GoGra backdoor hides commands in Outlook mailboxes using Microsoft Graph
A newly reported Linux version of the GoGra backdoor uses Microsoft Outlook mailboxes as its command channel, helping attackers blend malicious traffic into normal cloud…
Fake TradingView AI tool spreads Needle Stealer through a bogus TradingClaw site
A new malware campaign is targeting traders by abusing the TradingView name and pushing a fake AI assistant called TradingClaw. Researchers at Malwarebytes say the…
notnullOSX targets Mac crypto users through fake apps and a hijacked YouTube channel
A new macOS malware strain called notnullOSX has been caught in the wild, and it appears built for one job: stealing cryptocurrency from Mac users…
Bitwarden CLI supply chain attack exposed secrets through a poisoned npm release
A malicious npm release briefly compromised Bitwarden’s command-line client this week, but the incident was narrower than some early reports suggested. Bitwarden says the affected…
AI-assisted Lazarus campaign lures developers with fake coding tests that trigger malware on open
A North Korea-linked hacking operation is targeting software developers with fake job interviews and booby-trapped coding assignments, and the campaign shows how generative AI can…
Malicious npm package abused Hugging Face for both payload delivery and stolen-data storage
A malicious npm package called js-logger-pack turned Hugging Face into both a malware distribution point and a backend for stolen data, according to new research…
North Korean fake IT worker scheme keeps growing, with VPNs and laptop farms helping operatives look local
North Korea’s fake IT worker operation remains one of the most effective fraud and sanctions evasion schemes in the cyber world, and fresh research shows…
Unauthorized users reportedly accessed Anthropic’s restricted Mythos cyber model through vendor environment
A small group of unauthorized users reportedly gained access to Anthropic’s restricted Claude Mythos Preview through a third-party vendor environment, according to Bloomberg, with Anthropic…
Microsoft ships emergency .NET 10.0.7 update for ASP.NET Core privilege escalation flaw
Microsoft has released .NET 10.0.7 as an out-of-band security update to fix CVE-2026-40372, a newly disclosed elevation of privilege vulnerability in the Microsoft.AspNetCore.DataProtection package. The…
November 21, 2025
1 comment 
