Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs

/in

The infection chain includes a fake CAPTCHA page, a Bash script, a Nuitka loader, and the Python-based infostealer.

The post Cloudflare-Themed ClickFix Attack Drops Infiniti Stealer on Macs appeared first on SecurityWeek.

SecurityWeek – ​Read More

Citrix NetScaler Under Active Recon for CVE-2026-3055 (CVSS 9.3) Memory Overread Bug

/in

A recently disclosed critical security flaw impacting Citrix NetScaler ADC and NetScaler Gateway is witnessing active reconnaissance activity, according to Defused Cyber and watchTowr.
The vulnerability, CVE-2026-3055 (CVSS score: 9.3), refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information.
Per

The Hacker News – ​Read More

CISA Adds CVE-2025-53521 to KEV After Active F5 BIG-IP APM Exploitation

/in

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a critical security flaw impacting F5 BIG-IP Access Policy Manager (APM) to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.
The vulnerability in question is CVE-2025-53521 (CVSS v4 score: 9.3), which could allow a threat actor to achieve remote code execution.
“When a

The Hacker News – ​Read More

TA446 Deploys Leaked DarkSword iOS Exploit Kit in Targeted Spear-Phishing Campaign

/in

Proofpoint has disclosed details of a targeted email campaign in which threat actors with ties to Russia are leveraging the recently disclosed DarkSword exploit kit to target iOS devices.
The activity has been attributed with high confidence to the Russian state-sponsored threat group known as TA446, which is also tracked by the broader cybersecurity community under the monikers Callisto,

The Hacker News – ​Read More

Iran-Linked Handala Hackers Breach FBI Chief Kash Patel’s Gmail

/in

Iran-linked Handala hackers breached FBI Chief Kash Patel’s Gmail, leaking photos and documents. Officials say no classified data was exposed.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

ShinyHunters Walk Away from BreachForums, Leak 300,000-User Database

/in

ShinyHunters leaves BreachForums, leaks data of 300,000 users, warns all active domains are fake, and threatens more leaks from forum backups.

Hackread – Cybersecurity News, Data Breaches, AI and More – ​Read More

These RayNeo XR glasses effectively replaced my TV with HDR support – and they’re on sale

/in

The RayNeo Air 4 Pro make for a great first pair of XR glasses, based on our tests. And they just got their first big discount.

Latest news – ​Read More

I’ve tested every MacBook Air in recent years – here’s why the time to upgrade is now

/in

The MacBook Air M5 marks a logical upgrade point for older Mac users or PC refugees ditching Windows.

Latest news – ​Read More

These 20 award-winning tech products are on sale (but we’d pay full price)

/in

Some ZDNET-approved, award-winning tech is on sale during Amazon’s Big Spring Sale. Don’t miss these offers on products we love.

Latest news – ​Read More

This iPhone charger from Anker comes with a nifty smart display – and it’s on sale

/in

Anker’s Nano 45W Smart Display charger displays the device’s battery status. During Amazon’s Big Spring Sale, it’s 30% off.

Latest news – ​Read More