相關新聞
ClickFix attack uses fake Windows Update screen to push malware
New ClickFix attack variants have been observed where threat actors trick users with a realistic-looking Windows Update animation in a full-screen browser page and hide the malicious code inside images. [...]
Bleepingcomputer
2025年11月25日 362 觀看次數
Fresh ClickFix attacks use Windows Update trick-pics to steal credentials
Poisoned PNGs contain malicious code
A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims into downloading infostealer malware.…
The Register
2025年11月25日 293 觀看次數
Malicious Blender model files deliver StealC infostealing malware
A Russian-linked campaign delivers the StealC V2 information stealer malware through malicious Blender files uploaded to 3D model marketplaces like CGTrader. [...]
Bleepingcomputer
2025年11月25日 281 觀看次數
.jpg){kind=logo}
W3 Total Cache WordPress plugin vulnerable to PHP command injection
A critical flaw in the W3 Total Cache (W3TC) WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload. [...]
Bleepingcomputer
2025年11月20日 428 觀看次數
Threat Actors can Use Xanthorox AI Tool to Generate Different Malicious Code Based on Prompts
Cybersecurity researchers have uncovered a dangerous new tool making waves across darknet forums and criminal communities. Xanthorox, a malicious artificial intelligence platform, has emerged as a serious concern for the security industry. The tool works like a regular chatbot, similar to ChatGPT, but with...
Cyber Security News
2025年11月18日 647 觀看次數
Decades-old ‘Finger’ protocol abused in ClickFix malware attacks
The decades-old "finger" command is making a comeback,, with threat actors using the protocol to retrieve remote commands to execute on Windows devices. [...]
Bleepingcomputer
2025年11月16日 510 觀看次數
CISA warns of Akira ransomware Linux encryptor targeting Nutanix VMs
US government agencies are warning that the Akira ransomware operation has been spotted encrypting Nutanix AHV virtual machines in attacks. [...]
Bleepingcomputer
2025年11月14日 733 觀看次數
Hackers Exploiting RMM Tools LogMeIn and PDQ Connect to Deploy Malware as a Normal Program
Cybercriminals are now exploiting remote monitoring and management tools to spread dangerous malware while avoiding detection by security systems. The attack campaign targets users who download what appears to be popular software, such as Notepad++, 7-Zip, or ChatGPT, from fake websites. Instead...
Cyber Security News
2025年11月14日 552 觀看次數
DanaBot malware is back to infecting Windows after 6-month break
The DanaBot malware has returned with a new version observed in attacks, six-months after law enforcement's Operation Endgame disrupted its activity in May. [...]
Bleepingcomputer
2025年11月13日 580 觀看次數
Google sues 25 China-based scammers behind Lighthouse 'phishing for dummies' kit
600+ phishing websites and 116 of these use a Google logo
Google has filed a lawsuit against 25 unnamed China-based scammers, which it claims have stolen more than 115 million credit card numbers in the US as part of the Lighthouse phishing operation.…
The Register
2025年11月13日 566 觀看次數
