New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Security Boulevard

Zero-Knowledge Proofs for Verifiable MCP Tool Execution

Learn how Zero-Knowledge Proofs (ZKP) provide verifiable tool execution for Model Context Protocol (MCP) in a post-quantum world. Secure your AI infrastructure today.

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

Infostealer malware found stealing OpenClaw secrets for first time

With the massive adoption of the OpenClaw agentic AI assistant, information-stealing malware has been spotted stealing files ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
CSO Online

10 years later, Bangladesh Bank cyberheist still offers cyber-resiliency lessons

North Korean cyberespionage actors Lazarus Group’s pilfering of $81 million via fraudulent SWIFT payment instructions broke the state-sponsored attack model to include financial gain, putting private ...