New ClickFix attacks abuse Windows App-V scripts to push malware

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
Bleeping Computer

Hackers claim to hack Resecurity, firm says it was a honeypot

Update: Article updated to reflect that the ShinyHunters says they were not involved in this activity. We have updated our story and title. Threat actors associated with the "Scattered Lapsus$ Hunters ...
The Hacker News

Malicious VS Code AI Extensions with 1.5 Million Installs Steal Developer Source Code

Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Dark Reading

DPRK's Konni Targets Blockchain Developers With AI-Generated Backdoor

The North Korean threat group is using a new PowerShell backdoor to compromise development environments and target ...
Hackaday

Windows 11

If you’re reading this, that means you’ve successfully made it through 2025! Allow us to be the first to congratulate you — that’s another twelve months of skills learned, projects started, and hacks… ...