The Hacker News

Weekly Recap: Outlook Add-Ins Hijack, 0-Day Patches, Wormable Botnet & AI Malware

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, ...

Free download: AI Networking Cookbook (worth $43.99)0 0

Familiarity with basic networking concepts, configurations, and Python is helpful, but no prior AI or advanced programming ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Dark Reading

ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.
SecurityWeek

Microsoft Warns of ClickFix Attack Abusing DNS Lookups

Microsoft has warned users that threat actors are leveraging a new variant of the ClickFix technique to deliver malware.

North Korean job scammers target JavaScript and Python developers with fake interview tasks spreading malware

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.