Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs ...
PCGamesN

Sorry, Epic's taking back those 'free' Fortnite V-Bucks from the Dumb Ways To Die bundle exploit

People say there's no such thing as a free lunch, and in much the same manner any opportunity to claim 'free' Fortnite V-Bucks is likely to come with a catch. So when players found a way to grab 800 V ...
Yardbarker

Arc Raiders Declares War on Fog-Free Foes With Hotfix That Targets Major Visual Exploit

A recent hotfix has been deployed for Arc Raiders, directly targeting an unfair advantage that had slipped into players’ hands. The developer, Embark Studios, moved quickly to remove a command that ...
The Hacker News

Researchers Find 341 Malicious ClawHub Skills Stealing Data from OpenClaw Users

A security audit found 341 malicious ClawHub skills abusing OpenClaw to spread Atomic Stealer and steal credentials on macOS ...

I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...