Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Russian soldiers tell BBC they saw fellow troops executed on commanders' orders

Four men expose the horror and brutality of conditions in the Ukraine war, with two saying they saw soldiers being shot for ...

Police failed to arrest Nottingham triple killer on warrant months before attacks, inquiry hears

The arrest warrant was issued more than nine months before the killings in September 2022, after Valdo Calocane did not attend a hearing at Nottingham Magistrates Court after being accused of ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
The Hacker News

DPRK Operatives Impersonate Professionals on LinkedIn to Infiltrate Companies

North Korean IT operatives use stolen LinkedIn accounts, fake hiring flows, and malware to secure remote jobs, steal data, ...

Wikipedia blacklists Archive.today after alleged DDoS attack

Wikipedia editors have decided to remove all links to Archive.today, a web archiving service that they said has been linked ...
InfoWorld

Google adds AI agent to Opal mini-app builder

New agent step in Opal figures out the right tools and models it needs to accomplish the user’s objective, Google said.
The Caledonian-Record

Testing Mavens Launches Next-Gen PerfAgents Performance Orchestration Platform

We're relaunching PerfAgents with a renewed focus on performance test orchestration-bringing load testing, real user journeys ...

Google Ships WebMCP, The Browser-Based Backbone For The Agentic Web

Google ships WebMCP protocol, letting websites expose structured functions to AI agents and reducing computational overhead ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.