How ‘Handala’ Became the Face of Iran’s Hacker Counterattacks

Amid a paralyzing breach of medical tech firm Stryker, the group has come to represent Iran's use of “hacktivism” as cover for chaotic, retaliatory state-sponsored cyberattacks.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

'Data Reconstruction' priority contract walkthrough in Marathon

Here's a complete walkthrough for all three stages of the "Data Reconstruction" priortiy contract in Marathon, including where to find sparkleaf and fungal bioprinters, the agriculture report, harvest ...
Bleeping Computer

New KadNap botnet hijacks ASUS routers to fuel cybercrime proxy network

A newly discovered botnet malware called KadNap is targeting ASUS routers and other edge networking devices to turn them into proxies for malicious traffic. Since August 2025, KadNap has grown to ...

APT28 hackers deploy customized variant of Covenant open-source tool

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.
InfoWorld

Coding for agents

Savvy developers are realizing the advantages of writing explicit, consistent, well-documented code that agents easily understand. Boring makes agents more reliable.