Hackaday

This Week In Security: CVSS 0, Chwoot, And Not In The Threat Model

This week a reader sent me a story about a CVE in Notepad++, and something isn’t quite right. The story is a DLL hijack, a technique where a legitimate program’s Dynamic Link Library (DLL) is replaced ...
Dark Reading

ToddyCat APT Targets ESET Bug to Load Silent Malware

The Chinese-speaking ToddyCat advanced persistent threat (APT) group is targeting a security vulnerability in ESET's antivirus software to silently execute malicious payloads on infected devices.