-
A new malware campaign, dubbed CRESCENTHARVEST, that abuses the ongoing Iran protest narrative to deliver a powerful information‑stealing remote access trojan (RAT) against Farsi‑speaking users. The operation appears tailored to supporters of the prote…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors on underground forums are now promoting a new “ClickFix” payload-delivery technique that hides malware in the browser cache to evade endpoint detection and response (EDR) tools. The seller pitches the method as an evolution of existing Cl…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Attackers have weaponized a malicious fork of the legitimate Triton macOS client for omg.lol, turning a trusted open-source project into a delivery channel for Windows malware hosted on GitHub. The campaign abuses GitHub’s forking model, misleading REA…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
QR code abuse has become a significant mobile threat vector, with attackers using it to deliver phishing pages, trigger in‑app account takeovers, and distribute malicious applications outside official app stores. Because people routinely scan QR codes …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Forcepoint X-labs reveals how hackers use fake SSA emails and hijacked ScreenConnect tools to bypass Windows security to target UK, US, and Canadian organisations.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Hey folks in the threat‑hunting world looks like our coverage of the Noodlophile infostealer has struck a nerve with its creators. The operators used inflated engagement metrics and fake popularity scores to lure victims into downloading malicious ZIP …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity experts at Moonlock Lab have discovered a new ClickFix attack. Hackers are using hijacked Google Ads and fake Claude AI guides to trick Mac users into installing the data-stealing MacSync malware.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A new variant of the “ClickFix” social engineering campaign specifically targeting macOS users. Codenamed Matryoshka a reference to its multiple nested obfuscation layers this evolution builds on prior ClickFix lures. However, it adds advanced evasion …
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
New investigation by Q Continuum reveals 287 Chrome extensions leaking the private browsing data of 37.4 million users to firms like Similarweb and Alibaba. Learn how these harmless tools turn your history into a product.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Over 1,800 Windows IIS servers worldwide have been compromised in a large-scale search engine optimization (SEO) poisoning campaign driven by the BADIIS malware, a malicious IIS module used to hijack legitimate web traffic. The operation, tracked by El…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
