The Hacker News

Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication

Starkiller phishing suite uses live reverse proxying to bypass MFA, while attackers abuse OAuth device codes to hijack Microsoft 365 accounts.
Infosecurity-magazine.com

OysterLoader Evolves With New C2 Infrastructure and Obfuscation

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods. The C++-based threat, also ...
TechRepublic

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware. The attack relies on compromised websites that ...
HotHardware

Microsoft Office Zero-Day Exploited Days After Emergency Patch, Update ASAP

Microsoft Office is victim to a critical zero-day exploit, and Russian hacker groups are already weaponizing it in destabilizing efforts toward the Ukrainian government. While Westerners and most ...
SiliconANGLE

Securonix warns of Dead#Vax malware campaign abusing Windows fileless execution

A new report out today from cybersecurity company Securonix Inc. is warning of a highly sophisticated, multistage malware campaign where attackers are abusing trusted Windows features and fileless ...
The Hacker News

DEAD#VAX Malware Campaign Deploys AsyncRAT via IPFS-Hosted VHD Phishing Files

Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
Forbes

Leep Ring 1 Is A British Sleep-First Smart Ring That Undercuts Oura

The reaction to fitness and tech companies pushing pricey monthly subscriptions continues with the Leep Ring 1, a smart ring with no subscription attached. Leep’s Ring 1 also costs significantly less ...
IEEE

Machine Learning-Enhanced Malware Obfuscation and Innovative Defense Strategies

Abstract: In the evolving landscape of sustainable digital technologies, safeguarding cyber-ecosystems has become a critical priority. Traditional machine learning-based malware detection systems are ...
JD Supra

Decoding the Number of “Occurrences”: Florida’s Insurance Puzzle in Mass-Injury Cases

As the world confronts more mass shootings, these tragic events leave courts continuing to confront their effects on insurance coverage. A federal appeals court in Florida recently addressed the issue ...
Fox News

Fake Windows update pushes malware in new ClickFix attack

Cybercriminals keep getting better at blending into the software you use every day. Over the past few years, we've seen phishing pages that copy banking portals, fake browser alerts that claim your ...
Gizmochina

Updated ClickFix malware impersonates Windows update to steal your passwords, browser cookies, banking logins

A sneaky new strain of the ClickFix malware is making the rounds, and it’s going after the easiest victim of all: anyone who trusts a Windows update prompt. Security researchers at Huntress say the ...