New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the ...

CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups

CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Windows 11 KB5077181 fixes boot failures linked to failed updates

Microsoft says it has resolved a Windows 11 bug that caused some commercial systems to fail to boot with an "UNMOUNTABLE_BOOT_VOLUME" error after installing recent security updates, with the fix ...

One threat actor responsible for 83% of recent Ivanti RCE attacks

Threat intelligence observations show that a single threat actor is responsible for most of the active exploitation of two ...

Snail mail letters target Trezor and Ledger users in crypto-theft attacks

Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets ...

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Microsoft fixes bug that blocked Google Chrome from launching

Microsoft has fixed a known issue causing its Family Safety parental control service to block Windows users from launching ...

AMOS infostealer targets macOS through a popular AI app

AMOS infostealer is targeting macOS users by abusing popular AI apps and extension marketplaces to harvest credentials. Flare ...

Critical BeyondTrust RCE flaw now exploited in attacks, patch now

A critical pre-authentication remote code execution vulnerability in BeyondTrust Remote Support and Privileged Remote Access ...

Russia tries to block WhatsApp, Telegram in communication blockade

The Russian government is attempting to block WhatsApp in the country as its crackdown on communication platforms not under ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in ...