New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
HealthcareInfoSecurity

AI-Generated Malware Exploits React2Shell for Tiny Profit

Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...
TechShout

8 Pastebin Alternatives

The list of Pastebin alternative websites has been constituted after some healthy research. These kinds of sites will prove to be of great help for you if your job is to deal with long lines of coding ...
The Hacker News

SilentSync RAT Delivered via Two Malicious PyPI Packages Targeting Python Developers

Cybersecurity researchers have discovered two new malicious packages in the Python Package Index (PyPI) repository that are designed to deliver a remote access trojan called SilentSync on Windows ...
The Hacker News

Chinese TA415 Uses VS Code Remote Tunnels to Spy on U.S. Economic Policy Experts

A China-aligned threat actor known as TA415 has been attributed to spear-phishing campaigns targeting the U.S. government, think tanks, and academic organizations utilizing U.S.-China economic-themed ...
GitHub

A simple pastebin monitor using the scraping API.

Simple pastebin monitor is a simple Python script that replicates and extends Pastebin alerts function. It makes use of the Pastebin Scraping API as described here. You'll need a Pastebin PRO account ...
Hosted on MSN

Putin Has WORST Week of Entire WAR

Between June 1 and June 4, 2025, Ukraine carried out a series of devastating attacks against Russian targets, in what many analysts are calling the worst week of the war for Russia. Operation Spider’s ...
TechRadar

Misspelled a site's name? Cybercriminals are exploiting this to infect your computer with malware - here's how to stay safe

A single typo could let hackers hijack your system using malware hidden in fake packages Cross-platform malware now fools even experienced developers by mimicking trusted open source package names ...
Hosted on MSN

Romania STRIKES BACK... Green Light to Shoot Russian Drones Out of the Sky!

Romania just made a bold move against Russia’s drone incursions. After months of restraint, the country has passed a law authorizing its military to shoot down unauthorized Russian UAVs in its ...
Infosecurity-magazine.com

New Malware on PyPI Poses Threat to Open-Source Developers

A newly uncovered malicious package on the Python Package Index (PyPI) has raised fresh concerns about the security of open source software repositories. The package, named “dbgpkg,” was discovered by ...
theregister

Security pros baited with fake Windows LDAP exploit traps

Security researchers are once again being lured into traps by attackers, this time with fake exploits of serious Microsoft security flaws. Trend Micro spotted what appears to be a fork of the ...
techworm.net

Hackers Exploit Popular Godot Game Engine To Spread Malware

Security researchers at Check Point Research have discovered a new malware loader “GodLoader” that exploits the game engine “Godot Engine.” For those unaware, Godot Engine is a popular open-source ...