New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

powershell attack

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Ex-L3Harris exec jailed for selling zero-days to Russian exploit broker

The former head of Trenchant, a specialized U.S. defense contractor unit, was sentenced Tuesday to more than seven years in federal prison for stealing and selling zero-day exploits to a Russian ...
TechCrunch

Fintech firm Marquis blames hack at firewall provider SonicWall for its data breach

Fintech firm Marquis told customers that it plans to seek compensation from its firewall provider after blaming the company for a breach that allowed hackers to steal its customers’ personal and ...
The Guardian

I’m a tech-savvy zillennial who knows how to safeguard against hacking. Scammers still managed to get me

Had I received any suspicious text messages claiming to be from my bank, the fraud team asked. Had I clicked on the links? My stomach dropped Get our breaking news email, free app or daily news ...