A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by analyzing URLs in typed commands and stopping their execution. Available on ...

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

Cisco Talos tracks UAT-10027 targeting U.S. education and healthcare with Dohdoor DoH-based backdoor and Cobalt Strike ...

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software ...

Fake CAPTCHA attacks exploded by 563% last year: How to spot them and stay safe online ...

Microsoft, Huntress, and Intego this month detailed attacks that show the ongoing evolution of the highly popular compromise technique.

Microsoft releases patches for six zero-day flaws in its latest monthly update, many of them related to security feature bypass issues.

A threat actor is using Net Monitor for Employees and SimpleHelp to launch ransomware and cryptocurrency attacks.