New ClickFix Campaign Uses macOS Script Editor to Deliver Atomic Stealer
A newly discovered ClickFix campaign is targeting macOS users through a technique that completely bypasses Terminal, using Script Editor to drop the Atomic Stealer infostealer…
Category: CyberSecurityNews
Hackers Impersonate Linux Foundation Leader in Slack to Target Open Source Developers
Open source developers are facing a growing and sophisticated threat — one that does not rely on complex exploits or hidden vulnerabilities but instead uses…
New Silver Fox Campaign Hides ValleyRAT Inside Fake Telegram Chinese Language Pack Installer
A new malware campaign linked to the Silver Fox APT group has been discovered, using a fake Telegram Chinese language pack installer to secretly deliver…
IBM Identity and Verify Access Vulnerabilities Allow Remote Attacker to Access Sensitive Data
A critical security bulletin highlights multiple vulnerabilities in Verify Identity Access and Security Verify Access products. If left unpatched, these widespread security flaws could allow…
EvilTokens & AMOS Threats in March 2026
EvilTokens and AMOS redefine modern phishing attacks Two significant threat campaigns from March 2026, one abusing Microsoft’s OAuth authentication flow to silently hijack enterprise accounts,…
Microsoft 365 Network-Level Disruption Affecting Exchange Online, Teams, and Core Suite Services
A network-level disruption struck multiple Microsoft 365 services on Wednesday evening, knocking out or degrading access to Exchange Online, Microsoft Teams, and the broader Microsoft…
Google Expands Chrome Lazy Loading to Video and Audio in New Browser Update
Google is bringing a major performance enhancement to its browser by expanding native lazy loading capabilities to include video and audio elements. By adding the loading="lazy" attribute…
Claude Finds 13-Year-Old 0-Day RCE Vulnerability in Apache ActiveMQ in 10 Minutes
A critical remote code execution (RCE) vulnerability has been disclosed in Apache ActiveMQ Classic, a flaw that sat undetected for over a decade and was…
Hackers Exploit Kubernetes Misconfigurations to Move From Containers to Cloud Accounts
Kubernetes has become one of the most widely used platforms for managing containerized applications in enterprise environments. But as its adoption has grown, so has…
New BPFDoor Variants Use Stateless C2 and ICMP Relays to Evade Detection
A dangerous Linux backdoor called BPFDoor has returned in a more powerful form, with researchers uncovering new variants built to stay invisible inside critical network…
Russian Hackers Exploiting Home and Small-office Routers in Massive DNS hijacking Attack
A large-scale campaign by Forest Blizzard, a Russian military-linked threat actor, targeting home and small-office routers to hijack DNS traffic and intercept encrypted communications with…
Iran-Linked Hackers Launch Password Spray Campaign Against Microsoft 365 Tenants in Middle East
Microsoft 365 tenants in the Middle East are facing a new password spray campaign tied to an Iran-linked threat actor. Rather than starting with malware…