Over 100 hacked WordPress sites redirect visitors to fake Cloudflare/Google CAPTCHA pages using “ClickFix” to execute Lumma, Rhadamanthys, Epsilon Red, and XMRig payloads, researchers say. A...
Trellix says a phishing campaign weaponizes RAR archive filenames to auto-trigger Bash, fetch a multi-arch loader, and execute the VShell backdoor entirely in memory. A new...
Cisco Talos warns of a modular PowerShell/C# threat stealing wallets, logging keystrokes, and persisting without writing payloads to disk. A new malvertising campaign is delivering PS1Bot,...