Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users into running malicious commands under the pretext of installing legitimate ...

Microsoft spots ClickFix campaign getting users to self-pwn on Windows Terminal

Crooks tweak familiar copy-paste ruse so that victims run malicious commands themselves A new twist on the long-running ...
The Hacker News

Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.
The Hacker News

China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks

China-linked UAT-9244 targets South American telecom networks with TernDoor, PeerTime, and BruteEntry malware on Windows, Linux, and edge devices.
Security Boulevard

Middle East Conflict Fuels Opportunistic Cyber Attacks

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

ClickFix attackers using new tactic to evade detection, says Microsoft

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.
LinuxInsider

How to Harden Firefox for Better Security on Linux

This guide shows how to install the latest Firefox build on Linux and adjust key settings to reduce tracking, limit telemetry, and strengthen browser security.
Security Boulevard

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.