ClickFix becomes a scalable social-engineering platform for malware delivery
ClickFix moved from a novelty to a widely used attack pattern that tricks users into running commands themselves, bypassing many endpoint defenses. Researchers said the technique n
CrashStealer malware abuses signed apps and fake crash-reporting prompts on macOS
CrashStealer is a new macOS infostealer that disguises itself as Apple's crash-reporting tool and uses signed or notarized components to get past Gatekeeper checks. The malwar
Microsoft and security vendors rush to address AI-era attack surfaces
A broad set of vendors and researchers focused this week on how AI changes security operations, from agentic defense to prompt injection and AI-powered attacks. Microsoft, Google,
AI-assisted intrusions in government networks show how frontier models are changing cyber espionage
Researchers found an active Chinese intrusion campaign that used Claude Code and DeepSeek to automate parts of espionage operations against government systems and financial firms.
AsyncAPI npm supply-chain compromise spreads malware through trusted packages
Attackers compromised the AsyncAPI npm organization and injected malicious code into multiple widely used packages, including generator and specs packages with more than two millio
Scattered Spider members are sentenced for the Transport for London attack
Two teenage members of the Scattered Spider cybercrime group were sentenced in the UK to five years and six months in prison each for the 2024 cyberattack on Transport for London.
LegacyHive Windows zero-day gives local users SYSTEM privileges
Researchers known as Nightmare Eclipse or Chaotic Eclipse publicly released LegacyHive, a proof-of-concept exploit for a Windows privilege-escalation flaw affecting the User Profil
SonicWall SMA1000 zero-days are actively exploited in ransomware attacks
SonicWall disclosed that attackers are actively exploiting two zero-day vulnerabilities in its SMA1000 appliance line, and one of the flaws is a critical SSRF issue that can be use
Microsoft July 2026 Patch Tuesday hits record scale with exploited zero-days and hundreds of CVEs
Microsoft's July 2026 Patch Tuesday was one of the largest security releases in company history, with reports ranging from 570 to 622 vulnerabilities fixed depending on the co

