The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

バックドアを仕掛けられるおそれ ~Microsoft、「ClickFix」の亜種 ...

「ClickFix」は、Webページの閲覧中に『PCのトラブルを解決する』などとユーザーを騙し、ボタンをクリックして悪意あるコードを実行させるタイプの攻撃手法。『サブスクが無料になる裏ワザがある』と偽り、[ファイル名を指定して実行]ダイアログ([Wi ...
Cybernews

Scam on steroids: fake PDFs now hide on decentralized web and mount as virtual drives

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...