Credential theft, phishing, and fake downloads remain the main path to compromise
Attackers continued to rely on phishing, fake installers, and stolen credentials as their most reliable access methods. Reports covered trojanized Webex, Zoom, and MobaXterm instal
ClickFix becomes a scalable social-engineering platform for malware delivery
ClickFix moved from a novelty to a widely used attack pattern that tricks users into running commands themselves, bypassing many endpoint defenses. Researchers said the technique n
Microsoft and security vendors rush to address AI-era attack surfaces
A broad set of vendors and researchers focused this week on how AI changes security operations, from agentic defense to prompt injection and AI-powered attacks. Microsoft, Google,

