Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
The Hacker News

SSHStalker Botnet Uses IRC C2 to Control Linux Systems via Legacy Kernel Exploits

Researchers uncover SSHStalker, an IRC botnet exploiting legacy Linux flaws and SSH servers to build persistent covert access.
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
Infosecurity-magazine.com

PeckBirdy Framework Tied to China-Aligned Cyber Campaigns

A previously undocumented script-based command-and-control (C2) framework has been linked to multiple cyber campaigns targeting gambling companies, government bodies and private organizations across ...
Hosted on MSN

If work feels like a horror movie, it’s time to change the script

Some days, going to work feels like you are fighting one battle after another. Deadlines fly at you. Everything, everywhere, all at once. As for when your hard work will be recognised with a promotion ...