GhostTree exploits improperly guarded NTFS junctions in the Windows file system to trap scanners in infinite loops and hide malicious files from detection.
One in six breaches involves third parties, and even rapid patches fail to prevent most incidents, so incident exercises must prioritize operational resilience and third-party scenarios.
Three new malware loaders (BabaDeda, Lorem Ipsum, Potemkin) distribute via ClickFix social engineering and compromised WordPress sites to enable data theft, ransomware, and remote control.
Attackers from the Atomic Arch campaign infiltrate over 1,500 orphaned AUR packages with eBPF-based rootkits for credential theft, prompting Arch Linux to halt new account registrations.