SparkCat resurfaces in three app store apps, scanning crypto wallet images via OCR, increasing global risk.
Get the latest international news and world events from around the world.
Researchers Uncover Mining Operation Using ISO Lures to Spread RATs and Crypto Miners
As recently observed in the FAUX#ELEVATE campaign, “WinRing0x64.sys,” a legitimate, signed, and vulnerable Windows kernel driver, is abused to obtain kernel-level hardware access and modify CPU settings to boost hash rates, thereby enabling performance improvement. The use of the driver has been observed in many cryptojacking campaigns over the years. The functionality was added to XMRig miners in December 2019.
Elastic said it also identified another campaign that leads to the deployment of SilentCryptoMiner. The miner, besides using direct system calls to evade detection, takes steps to disable Windows Sleep and Hibernate modes, set up persistence via a scheduled task, and uses the “Winring0.sys” driver to fine-tune the CPU for mining operations.
Another notable component of the attack is a watchdog process that ensures the malicious artifacts and persistence mechanisms are restored in the event they are deleted. The campaign is estimated to have accrued 27.88 XMR ($9,392) across four tracked wallets, indicating that the operation is yielding consistent financial returns to the attacker.
WhatsApp Alerts 200 Users After Fake iOS App Installed Spyware; Italian Firm Faces Action
In December 2025, TechCrunch reported that SIO was behind a set of malicious Android apps that masqueraded as WhatsApp and other popular apps but stole private data from a target’s device using a spyware family called Spyrtacus. The apps are believed to have been used by a government customer to target unknown victims in Italy.
SIO is one of the many Italian companies selling surveillance tools, including Cy4Gate, eSurv, GR Sistemi, Negg, Raxir, and RCS Lab, turning the country into a “spyware hub.”
Early last year, WhatsApp alerted around 90 users that they were targeted with Paragon Solutions’ spyware known as Graphite. Then, in August 2025, it notified less than 200 users who may have been targeted as part of a sophisticated campaign by chaining together zero-day vulnerabilities in iOS and the messaging app.
Claude Code leak used to push infostealer malware on GitHub
Threat actors are exploiting the recent Claude Code source code leak by using fake GitHub repositories to deliver Vidar information-stealing malware.
Claude Code is a terminal-based AI agent from Anthropic, designed to execute coding tasks directly in the terminal and act as an autonomous agent, capable of direct system interaction, LLM API call handling, MCP integration, and persistent memory.
On March 31, Anthropic accidentally exposed the full client-side source code of the new tool via a 59.8 MB JavaScript source map included by accident in the published npm package.
LinkedIn secretely scans for 6,000+ Chrome extensions, collects data
A new report dubbed “BrowserGate” warns that Microsoft’s LinkedIn is using hidden JavaScript scripts on its website to scan visitors’ browsers for installed extensions and collect device data.
According to a report by Fairlinked e. V., which claims to be an association of commercial LinkedIn users, Microsoft’s platform injects JavaScript into user sessions that checks for thousands of browser extensions and links the results to identifiable user profiles.
The author claims that this behavior is used to collect sensitive personal and corporate information, as LinkedIn accounts are tied to real identities, employers, and job roles.
Microsoft still working to fix Exchange Online mailbox access issues
Microsoft is investigating and working to resolve Exchange Online mailbox access issues that have intermittently affected Outlook mobile and macOS users for weeks.
When it first acknowledged this service issue (tracked under EX1256020) last week, Microsoft said it started on March 11 and that the root cause was a newly introduced virtual account. While the company flagged it as resolved on April 1, the incident has been re-added to the admin message center under a different tag (EX1268771).
“We’ve received reports from affected tenants that the impact scenario originally communicated through SHD EX1256020 is still ongoing. We’re working to restart the Notification Broker service on affected portions of Exchange Online service infrastructure to remediate impact while we continue our analysis into the underlying root cause,” Microsoft says.
Man admits to locking thousands of Windows devices in extortion plot
A former core infrastructure engineer has pleaded guilty to locking Windows admins out of 254 servers as part of a failed extortion plot targeting his employer, an industrial company headquartered in Somerset County, New Jersey.
According to court documents, 57-year-old Daniel Rhyne from Kansas City, Missouri, remotely accessed the company’s network without authorization using an administrator account between November 9 and November 25.
Throughout this time, he allegedly scheduled tasks on the company’s Windows domain controller to delete network admin accounts and to change the passwords for 13 domain admin accounts and 301 domain user accounts to “TheFr0zenCrew!”
Study suggests people are losing 338 spoken words every year and have been for at least 15 years
In a society increasingly shaped by self-checkouts, GPS navigation and touchscreen ordering kiosks, new research shows face-to-face conversation may be quietly fading. A new study published in Perspectives on Psychological Science suggests that people are losing 338 spoken words every year and have been for at least a decade and a half.
Matthias Mehl, a psychology professor at the University of Arizona, has spent his career studying how people communicate in everyday life. When he set out to replicate his landmark 2007 Science paper on gender differences in talkativeness, the results pointed to something he hadn’t gone looking for: a steady, years-long decline in how much people speak each day.
For this study, Mehl collaborated with Valeria Pfeifer, an assistant professor of psychology and counseling at the University of Missouri–Kansas City and the study’s first author. Mehl spoke with the University of Arizona News about the accidental discovery, what it means for social connection, and why losing a few hundred words per day each year matters more than it seems.