New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Fake ad blocker breaks PCs in new malware extension scam

Chrome and Edge users warned about NexShield browser extension scam that causes crashes and tricks users into installing malware through fake security fix commands.

CAPTCHA or trap? Windows users tricked into installing malware on their PCs

StealC malware campaign exploits fake CAPTCHA pages to steal sensitive data while blending into normal system activity.
The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery and RAT deployment.

How to test OpenClaw without giving an autonomous agent shell access to your corporate laptop

OpenClaw jumped from 1,000 to 21,000 exposed deployments in a week. Here's how to evaluate it in Cloudflare's Moltworker sandbox for $10/month — without touching your corporate network.

February’s Patch Tuesday release fixes 59 flaws, including 6 being exploited

IT admins will be busy this month patching Microsoft software and apps, but not nearly as busy as they were in January.

Bug or feature: Windows Insiders and developers can't download the latest ISOs, including the devs behind Rufus

Microsoft has yet to comment on the issue.