Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...
Dark Reading

Big Breach or Smooth Sailing? Mexican Gov't Faces Leak Allegations

Hacktivist group claims a 2.3-terabyte data breach exposes information of 36 million Mexicans, but no sensitive accounts are ...
The Hacker News

Infy Hackers Resume Operations with New C2 Servers After Iran Internet Blackout Ends

The elusive Iranian threat group known as Infy (aka Prince of Persia) has evolved its tactics as part of efforts to hide its ...
CU Independent

Beyond Memes: Integrating AI Face Swapping into Professional Design Workflows

Changing a face in a photograph used to be a dark art reserved for Photoshop veterans. It demanded a mastery of layers, ...

Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...
The Hacker News

Malicious NGINX Configurations Enable Large-Scale Web Traffic Hijacking Campaign

Active React2Shell exploitation uses malicious NGINX configurations to hijack web traffic, targeting Baota panels, Asian TLDs, and government domains.

OpenAI says new coding model helped build itself

The new coding model released Thursday afternoon, entitled GPT-5.3-Codex, builds on OpenAI’s GPT-5.2-Codex model and combines insights from the AI company’s GPT-5.2 model, which excels on non-coding ...

OpenClaw’s AI ‘skill’ extensions are a security nightmare

Security researchers found hundreds of malicious add-ons on ClawHub.