ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ...

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Windows has always been built for power users who automate. Now, OpenClaw and cloud APIs like WayinVideo are ushering in a new era of truly autonomous desktop workflows — here's what that looks like ...

Ransomware actors are ditching Cobalt Strike in favor of native Windows tools, as payment rates hit record lows and data theft surges.