Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
Rock Paper Shotgun

If you're struggling to play tactics sim Menace, it could be because your antivirus is randomly deleting files

Hooded Horse and Overhype have released a new patch for Menace, adding new pirate units and rebalancing weapons, while notifying us of a weird antivirus issue.

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.

Crazy ransomware gang abuses employee monitoring tool in attacks

A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support ...

Microsoft Triple Warning — 3 Windows Security Bypass Threats Confirmed

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update ...
Microsoft

New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.
CSO Online

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.
PCMag on MSN

Fake Version of Popular Archiver Site Is Distributing Malware, Taking Over PCs

Watch what you type. The real 7-Zip uses a .org domain, but a .com version is distributing a Trojan, according to antivirus provider Malwarebytes.