ClickFix attackers using new tactic to evade detection, says Microsoft

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.
Security Boulevard

BlackSanta Malware Shuts Down Protections, Targets HR and Recruiting Operations

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a component dubbed BlackSanta that can shut down antivirus and EDR ...
WeLiveSecurity

Sednit reloaded: Back in the trenches

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.
The Hacker News

Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.
GovInfoSecurity

Breach Roundup: Patches and Hacks on Cisco Equipment

This week, Cisco patches and hacks. Trojanized app targeted Israelis. Bye-bye, Tycoon 2FA. Also bye-bye LeakBase. A ...

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
GovInfoSecurity

Russia's Unit 26165 Resumes High-End Malware Campaigns

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...