WordPress malware uses Steam profile comments for command and control

The comments on some Steam Profiles are actually loaded with invisible malware.

‘No security breach’: CBSE clarifies after Class 12 student claims ‘vulnerabilities ...

CBSE clarified that the portal used for evaluation answer sheets has a different URL than the one visible on the teenager's ...
The Hacker News

Microsoft Warns Developers of Fake Next.js Job Repos Delivering In-Memory Malware

A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and technical assessments to trick victims into executing them and establish ...
Bleeping Computer

New MatrixPDF toolkit turns PDFs into phishing and malware lures

A new phishing and malware distribution toolkit called MatrixPDF allows attackers to convert ordinary PDF files into interactive lures that bypass email security and redirect victims to credential ...
The Hacker News

Fake Job Applications Deliver Dangerous More_eggs Malware to HR Professionals

A spear-phishing email campaign has been observed targeting recruiters with a JavaScript backdoor called More_eggs, indicating persistent efforts to single out the sector under the guise of fake job ...
Bleeping Computer

New attack uses MSC files and Windows XSS flaw to breach networks

A novel command execution technique dubbed 'GrimResource' uses specially crafted MSC (Microsoft Saved Console) and an unpatched Windows XSS flaw to perform code execution via the Microsoft Management ...
Neowin

Microsoft to shut down OneDrive feature that let users upload files from a URL

Microsoft has announced that it will shut down a OneDrive feature that allows users to upload a file from a URL. Microsoft says the feature, which is labeled as a preview, will close on March 29.
C&EN

Acceptable Software by File Designation

A list of acceptable software formats for each File Designation is provided below. Files that are not in an acceptable format will be rejected by the ACS Paragon Plus system.