Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...
MUO on MSN

Windows 11 has a built-in video editor most people don't know exists

You might be installing video editors you don’t actually need on Windows 11.
Morning Overview on MSN

Microsoft’s new AI Notepad just opened a terrifyingly easy hacker loophole

A command injection flaw in the Windows Notepad App now gives remote attackers a path to execute code over a network, turning ...
Cryptopolitan

Quantum attack resistance BIP-360 added into the official Bitcoin repository

In the quest to prepare the Bitcoin ecosystem to handle future quantum computing threats, Bitcoin developers have officially submitted BIP-360 into the ...
WinBuzzer

Microsoft Launches Store CLI for App Management via the Command Line

Microsoft has released Store CLI, a new command-line tool that enables developers and power users to browse, install, and update Microsoft Store apps from the terminal.
GitHub

Eclipse ShellWax

ShellWax is a shell script development plugin for the Eclipse IDE, providing a rich edition experience through integration with the Bash Language Server. In order to use ShellWax on the user machine ...
Dark Reading

Microsoft Patches 6 Actively Exploited Zero-Days

Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in ...