The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery and RAT deployment.

AI connector for Google Calendar makes convenient malware launchpad, researchers show

'Claude DXT's container falls noticeably short of what is expected from a sandbox' LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability ...
The Hacker News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...
CSO Online

This stealthy Windows RAT holds live conversations with its operators

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...

How recruitment fraud turned cloud IAM into a $2 billion attack surface

Adversaries weaponized recruitment fraud to steal cloud credentials, pivot through IAM misconfigurations, and reach AI ...
CSO Online

New APT group breached gov and critical infrastructure orgs in 37 countries

Security researchers from Palo Alto Networks believe the likely Asia-based group is expanding its activities, which include ...

Asia-based government spies quietly broke into critical networks across 37 countries

And their toolkit includes a new, Linux kernel rootkit A state-aligned cyber group in Asia compromised government and critical infrastructure organizations across 37 countries in an ongoing espionage ...
WinBuzzer

As Malicious Skills Flood OpenClaw AI Marketplace, Inventor Turns to VirusTotal For Help

Attackers have uploaded over 300 malicious skills to OpenClaw's AI marketplace, turning it into a malware delivery system ...

Malicious 7-Zip site distributes installer laced with proxy tool

A fake 7-Zip website is distributing a trojanized installer of the popular archiving tool that turns the user's computer into ...

Measles is spreading in Kentucky. See your risk by zip code with this map

A new map from public health researchers shows several potential measles "hot spots" in Lexington where vaccination rates are lower.

A fake 7‑Zip installer is spreading, and the malware’s goal is unexpected

Here is what the fake 7-Zip installer does behind the scenes, how it maintains persistence, and what steps to take if you ...