The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
The Hacker News

Google Warns of Active Exploitation of WinRAR Vulnerability CVE-2025-8088

Google confirms nation-state and cybercrime groups exploit a patched WinRAR flaw to gain persistence and deploy malware via ...
TechJuice

VoidLink Malware Almost Entirely Built by AI, Experts Warn

Researchers say VoidLink, malware almost completely developed by AI, raising alarms as threat actors harness generative ...

Anura Stops AI-Assisted SIVT Threat That Bypasses JavaScript-Based Fraud Detection Solutions

Anura identified and successfully mitigated a new form of Sophisticated Invalid Traffic (SIVT) that uses artificial ...

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...

How to spot and stop everyday cyberattacks

It never stops. Attackers continue to exploit new vulnerabilities and tricks to hack accounts or infiltrate devices. To stay ...
CNA

CNA Explains: What are Roblox and Gorebox, and how might they be used for radicalisation?

Roblox started as a user-driven endeavour, but it has been used for child grooming and radicalisation. CNA’s Fabian Koh takes ...
SecurityWeek

Chrome, Edge Extensions Caught Stealing ChatGPT Sessions

LayerX discovered 16 extensions in the Chrome Web Store and Microsoft Edge Add-ons marketplace that steal users’ ChatGPT ...

Critical sandbox escape flaw discovered in popular vm2 NodeJS library

A critical-severity vulnerability in the vm2 Node.js sandbox library, tracked as CVE-2026-22709, allows escaping the sandbox and executing arbitrary code on the underlying host system.
VietNamNet

When fear replaces force: how “online kidnapping” scams prey on Gen Z

Online kidnapping' does not involve physical force but instead relies on psychological manipulation, forcing victims to ...
The Blogs | The Times of IsraelOpinion

The Nihilist Penguin as a Metaphor for Israel

Online, the penguin is rarely “explained.” Instead, it is recruited as a neutral avatar for modern exhaustion – an animal ...

From Pegasus to CVE-2025: 3 times WhatsApp faced critical security issues

The news this week has struck at the very foundation of WhatsApp's existence. A massive class-action lawsuit filed in San ...