-
Fake CAPTCHA ClickFix attack tricks users into running malicious commands, using cmdkey and regsvr32 to maintain persistence and avoid detection on Windows
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New GoGra Linux malware linked to Harvester APT targets systems in South Asia, using fake PDFs and Microsoft APIs for covert command and control.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers at Forcepoint uncover new indirect prompt injection attacks that use hidden website code to exploit AI assistants like GitHub Copilot.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Anthropic is investigating a vendor breach after a Discord-linked group accessed its Claude Mythos AI model, with no evidence of impact on core systems.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Acronis reveals Mustang Panda is using a new LOTUSLITE backdoor to target Indian banks and Korean diplomats. Learn how this DLL sideloading attack works.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Bluesky is back online after a roughly 24-hour DDoS attack disrupted services, with the Iran-linked 313 Team claiming responsibility and no data breach reported.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hackers have deployed a new destructive malware, dubbed Lotus Wiper , in a targeted cyberattack against energy and utilities organizations in Venezuela, aiming not to extort money but to destroy data and disrupt operations permanently. Artifacts from t…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Grinex exchange collapses after $13.7M breach, blames Western spies as Chainalysis flags possible exit scam and sanctions evasion network links claims.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Vercel confirms a breach linked to Context.ai as a hacker lists alleged data for $2M. ShinyHunters denies involvement and flags imposters.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
