Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.
The Hacker News

New Chrome Zero-Day (CVE-2026-2441) Under Active Attack — Patch Released

Google fixes actively exploited Chrome zero-day CVE-2026-2441, a high-severity CSS use-after-free flaw enabling sandboxed remote code execution.

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Tech Times

Hidden Claude Desktop Extension Flaw Could Let Hackers Seize Your PC

Security researchers warn that Claude Desktop Extensions may allow zero-click prompt injection attacks, potentially leading to remote code execution and full system compromise.