SecurityWeek

‘SolyxImmortal’ Information Stealer Emerges

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...
Dark Reading

'CrashFix' Scam Crashes Browsers, Delivers Malware

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...
Cybernews

KongTuke’s CrashFix campaign uses fake Chrome adblocker to deploy ModeloRAT

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome ...

Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

The good news is that not clicking on unknown links avoids it entirely.
SecurityWeek

Malicious Chrome Extension Crashes Browser in ClickFix Variant ‘CrashFix’

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...

WhatsApp Web malware spreads banking trojan automatically

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.
腾讯网

新型Kerberos中继攻击利用DNS CNAME记录绕过防护措施 - PoC已发布

当受害者尝试访问合法域资产时,恶意DNS服务器会返回一个指向攻击者控制主机名的CNAME记录,以及一个解析为攻击者IP地址的A记录。这导致受害者使用为攻击者目标服务准备的票据向攻击者基础设施进行认证。 测试证实,该漏洞在Windows ...
The Hacker News

⚡ Weekly Recap: Fortinet Exploits, RedLine Clipjack, NTLM Crack, Copilot Attack & More

This week’s recap unpacks how evolving exploits, malware frameworks, and cloud missteps are reshaping modern cyber defense ...