Fake Solidity VSCode extension on Open VSX backdoors developers

A remote access trojan dubbed SleepyDuck, and disguised as the well-known Solidity extension in the Open VSX open-source ...
The Hacker News

Malicious VSX Extension "SleepyDuck" Uses Ethereum to Keep Its Command Server Alive

Researchers uncover SleepyDuck RAT hidden in VSX extension, using Ethereum contracts to control infected hosts.

Russian hackers abuse Hyper-V to hide malware in Linux VMs

The Russian hacker group Curly COMrades has been abusing Microsoft's Hyper-V virtualization technology in Windows to bypass ...
Microsoft

SesameOp: Novel backdoor uses OpenAI Assistants API for command and control

Microsoft Incident Response – Detection and Response Team (DART) researchers uncovered a new backdoor that is notable for its novel use of the OpenAI Assistants Application Programming Interface (API) ...
Cloud Security Alliance

VDI, DaaS, or Local Secure Enclaves? A CCM‑Aligned Playbook for BYOD in 2025

Decide between three patterns – streamed desktops (VDI/DaaS), per‑app access via ZTNA and application proxies, and local ...