Researchers uncover wormable XMRig campaign using BYOVD exploit and LLM-built React2Shell attacks hitting 90+ hosts.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

Palo Alto Networks’ Unit 42 says two critical flaws are being actively abused to gain unauthenticated access, deploy persistent backdoors, and compromise entire enterprise mobile fleets even after ...

A developer’s routine cleanup task reportedly turned into a disaster after a small mistake in AI-generated code wiped an entire drive. The incident, first described in a Reddit post, involved code ...

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...

Threat intelligence firm GreyNoise said it recorded 417 exploitation sessions from 8 unique source IP addresses between ...

The House and Senate have been at odds over the funding of the Department of Homeland Security, with the House passing a ...

Cisco tested eight major open-weight artificial intelligence models and found multi-turn jailbreak attacks succeeded nearly ...

Three of those zero-days are security feature bypass flaws, which give attackers a way to slip past built-in protections in ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.