LeakNet ransomware uses ClickFix, Deno runtime in stealthy attacks

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...
Security Boulevard

Hacked sites deliver Vidar infostealer to Windows users

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar ...
SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
IEEE

The Pulse of Fileless Cryptojacking Attacks: Malicious PowerShell Scripts

Abstract: Fileless malware predominantly relies on PowerShell scripts, leveraging the native capabilities of Windows systems to execute stealthy attacks that leave no traces on the victim's system.
GitHub

install-new-teams-v2.ps1

including the Outlook Add-in and sets required registry keys for Citrix VDA as well. The new Teams is based on EdgeWebView Runtime and willbe installed as well. You ...