Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
Lifehacker

If You've Installed Any of These 17 Browser Extensions, Delete Them Now

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...
The Hacker News

SmarterMail Auth Bypass Exploited in the Wild Two Days After Patch Release

A new security flaw in SmarterTools SmarterMail email software has come under active exploitation in the wild, two days after the release of a patch. It has been described as an authentication bypass ...
The Hacker News

Cloudflare Fixes ACME Validation Bug Allowing WAF Bypass to Origin Servers

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin ...
Reuters

Iranians tap Musk's Starlink to skirt internet blackout, sources say

Some Iranians continue to access Starlink, albeit with disruptions Musk's Starlink has been pivotal in global conflicts Starlink's cost limits access for many Iranians Jan 12 (Reuters) - Some Iranians ...