LeakNet ransomware uses ClickFix and Deno runtime for stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...

Google warns of two actively exploited Chrome zero days

One allows a remote attacker to execute arbitrary code inside a sandbox, the other could result in loss of sensitive information.
Opinion
PCMagOpinion

I Vibe Coded a Global Mass-Surveillance Site in 2 Hours Using OpenAI's Codex. That's a Privacy Nightmare

With zero coding skills, I was able to quickly assemble camera feeds from around the world into a single view. Here's how I did it, and why it's both promising and terrifying for all of us.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

.NET 11.0 Preview 2 delivers asynchronous runtime

Asynchronous programming with async and await has existed in .NET for years. Now Microsoft is delivering a new runtime environment for asynchronous execution.

Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.
InfoQ

Cloudflare Releases Experimental Next.js Alternative Built with AI Assistance

Cloudflare released vinext, an experimental Next.js reimplementation built on Vite by one engineer, with AI guidance over one ...