
90-Domain SEO Campaign Abuses ScreenConnect to Deploy AsyncRAT
Kaspersky exposed a 90-domain SEO poisoning campaign that installs AsyncRAT on Windows via a fake ScreenConnect installer, targeting users across

Kaspersky exposed a 90-domain SEO poisoning campaign that installs AsyncRAT on Windows via a fake ScreenConnect installer, targeting users across

Unit 42 documented phantom squatting, with 13,229 malicious URLs active on AI-hallucinated domains and 250,000 more unregistered sites available to

Red teamers showed that email inbox prompt injection turns Claude Desktop into a reverse shell when MCP connectors with command

ChocoPoC, a new remote access trojan, targets vulnerability researchers through trojanized proof-of-concept exploit repositories on GitHub, stealing credentials and establishing

LayerX’s BioShocking research shows AI browsers including ChatGPT Atlas, Perplexity Comet, and the Claude extension can be tricked into stealing

Ukraine’s SBU and the FBI jointly exposed campaigns by Russian FSB-linked UNC5792 and GRU-linked UNC4221 stealing Signal and WhatsApp backup

A threat actor compromised a Gizmodo account to serve ClickFix malware prompts to readers, exploiting brand trust to push PowerShell-based

Algerian national Abdellah Belmili was extradited from Spain to face US bank fraud charges for operating phishing marketplaces Market0Day and

Unit 42 found a macOS ClickFix variant using hdiutil to silently mount DMG files and deploy AMOS stealer, targeting crypto

Kaspersky found a WhatsApp phishing campaign using VBScript to install ManageEngine RMM software across multiple countries, granting attackers remote access.
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.