The Hacker News

Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...
XDA Developers on MSN

I tore apart the most common Linux malware in a sandbox, and it uses layer after layer of tricks to survive

It uses some of the oldest tricks in the book.

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Fake Claude Code install guides push infostealers in InstallFix attacks

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...
PCQuest on MSN

Copy-paste this command and you’re hacked: New Windows Terminal attack spreads Lumma Stealer

A recent malware campaign is using a trusted Windows application to launch attacks for stealing credentials via social engineering with the exploitation of the Windows Terminal with the use of Lumma ...
The Hacker News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches ...