New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

powershell attack

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
The Hacker News

CRESCENTHARVEST Campaign Targets Iran Protest Supporters With RAT Malware

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for espionage and data theft.

AI platforms can be abused for stealthy malware communication

AI assistants like Grok and Microsoft Copilot with web browsing and URL-fetching capabilities can be abused to intermediate ...