Researchers identify a previously unknown ClickFix variant exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer via a compromised travel site.
The post New ClickFix Malware Variant ‘LightPerlGirl’ Targets Users in Stealthy Hack appeared first on SecurityWeek.
SecurityWeek – Read More
Scattered Spider targets US insurance firms after UK retail attacks, using social engineering to breach help desks and disrupt services, Google warns.
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More
A now-patched security flaw in Google Chrome was exploited as a zero-day by a threat actor known as TaxOff to deploy a backdoor codenamed Trinper.
The attack, observed in mid-March 2025 by Positive Technologies, involved the use of a sandbox escape vulnerability tracked as CVE-2025-2783 (CVSS score: 8.3).
Google addressed the flaw later that month after Kaspersky reported in-the-wild
The Hacker News – Read More
The AnonsecKh group, which goes by Bl4ckCyb3r on Telegram, claimed at least 73 attacks on Thai organizations in the two weeks following a May 28 incident in which a Cambodian soldier was killed in a skirmish with Thai forces.
The Record from Recorded Future News – Read More
Employees can access company data through the chatbot. OpenAI cautions users to review their tools for sensitive information.
Latest stories for ZDNET in Security – Read More
A million two-factor authentication codes sent via SMS passed through an obscure third-party company. Here’s how it happened and why it’s a problem.
Latest stories for ZDNET in Security – Read More
Security analysts at Google’s Threat Intelligence Group published a warning this week to insurance companies, writing that it is “now aware of multiple intrusions in the US which bear all the hallmarks of Scattered Spider activity.”
The Record from Recorded Future News – Read More
The apparent cyberattack comes as Israel and Iran engage in a days-long escalating military conflict.
Security News | TechCrunch – Read More
Cybersecurity researchers have disclosed a now-patched security flaw in LangChain’s LangSmith platform that could be exploited to capture sensitive data, including API keys and user prompts.
The vulnerability, which carries a CVSS score of 8.8 out of a maximum of 10.0, has been codenamed AgentSmith by Noma Security.
LangSmith is an observability and evaluation platform that allows users to
The Hacker News – Read More
Cybersecurity researchers at Netcraft have discovered a series of new SEO poisoning related attacks exploiting Google’s search results…
Hackread – Latest Cybersecurity, Hacking News, Tech, AI & Crypto – Read More