SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. An ongoing campaign, ...

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Stop the Slop: 8 Tools That Clean Up Windows 11

If Windows 11 feels cluttered with AI features, ads, and background services, these free debloating tools can help. Here are some of the most popular ways ...
ExtremeTech

OpenAI Brings Codex AI Coding App to Windows

OpenAI's Codex coding app is available on Windows after a period of exclusivity to macOS. The app is a hub where developers can manage multiple AI agents within a single project, allowing them to ...

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
GitHub

‍♂️ Loki Command & Control

Loki is a stage-1 command and control (C2) framework written in Node.js, built to script-jack vulnerable Electron apps MITRE ATT&CK T1218.015. Developed for red team operations, Loki enables evasion ...
GitHub

PowerShell for Visual Studio Code

This extension provides rich PowerShell language support for Visual Studio Code (VS Code). Now you can write and debug PowerShell scripts using the excellent IDE-like interface that VS Code provides.