AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Microsoft releases Windows 11 OOB hotpatch to fix RRAS RCE flaw

Microsoft has released an out-of-band (OOB) update to fix a security vulnerabilities affecting Windows 11 Enterprise devices ...
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.
The New Yorker

The Pentagon Went to War with Anthropic. What’s Really at Stake?

The Trump Administration wants Anthropic’s A.I. model, Claude, to act like an obedient soldier; the tech firm argues that that could lead down a dangerous path.

6 VPN services you should try and 5 to avoid according to experts

VPNs are a great way to access streaming services and increase your privacy, but some VPNs are worse than having none at all.
Security Boulevard

Watch out for fake Malwarebytes renewal notices in your calendar

Scammers are sending fake calendar “renewal” notices impersonating Malwarebytes to trick victims into calling a fake billing number.