Hackers abuse .arpa DNS and ipv6 to evade phishing defenses

Threat actors are abusing the special-use ".arpa" domain and IPv6 reverse DNS in phishing campaigns that more easily evade ...

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
Opinion
Security BoulevardOpinion

The Chrome Extension Backdoor: How ‘Productivity Tools’ Became Enterprise Attack Vectors

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.
PCMag

Wikipedia Forced to Lock Down Edits Over JavaScript That Could Delete Pages

The nonprofit that oversees Wikipedia briefly enforced a 'read-only' mode on Thursday morning as users spotted code designed to delete articles and place Russian text in the edit summary.
PCMag

Phony Claude Code Install Guides Trick Vibe Coders Into Installing Malware

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.
PCMag Australia

$20K in Stolen Games, a $5M Crypto Blunder, and a Very Bad Week for Internet Security

This week in cybersecurity: stolen PlayStation accounts, AI chat transcripts sold by data brokers, tax-season scams, deepfake ...
Cybernews

AI agents are too easy to fool, with websites now littered with hidden “system override” commands

Don’t act surprised when your AI agent starts printing millions of pages of cabbages, deletes an entire system partition, or sends your life savings to fraudsters – they’re just being helpful.