LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.

How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop

OpenClaw jumped from 1,000 to 21,000 exposed deployments in a week. Here's how to evaluate it in Cloudflare's Moltworker sandbox for $10/month — without touching your corporate network.

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
TWCN Tech News

How to use command-line version of Microsoft Support and Recovery Assistant

If you want to use the command-line version of Microsoft Support and Recovery Assistant (SaRA) on a Windows 11/10 computer, here is how you can do that. It is suitable for remote diagnostics of ...
The Hacker News

Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and ...
CSO Online

Critical BeyondTrust RS vulnerability exploited in active attacks

Researchers have detected attacks that compromised Bomgar appliances, many of which have reached end of life, creating problems for enterprises seeking to patch.