The Hacker News

Ghostwriter Targets Ukraine Government Entities with Prometheus Phishing Malware

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.
Windows Report

Tycoon2FA Returns With New Microsoft 365 Device-Code Phishing Attacks

Tycoon2FA has returned with new device-code phishing attacks targeting Microsoft 365 users through legitimate OAuth login ...
cybernews

Race to tear down open source: copycats reusing TeamPCP’s code in NPM attacks

Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...

Tycoon2FA hijacks Microsoft 365 accounts via device-code phishing

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...
CSO Online

FlowerStorm phishing gang adopts virtual-machine obfuscation to evade email defenses

Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.
IEEE

A Comprehensive Solution for Obfuscation Detection and Removal Based on Comparative ...

Abstract: Obfuscation is the technique of making code difficult to read or comprehend. Nowadays, attackers often hide their malicious code using obfuscation and use it as a tool to exploit users. In ...
IEEE

Evaluating Opcodes for Detection of Obfuscated Android Malware

Abstract: Obfuscation refers to changing the structure of code in a way that original semantics can be hidden. These techniques are often used by application developers for code hardening but it has ...