Cybercriminals are increasingly adopting the ClickFix social engineering tactic to distribute malware, with recent campaigns delivering threats like the GHOSTPULSE loader and ARECHCLIENT2 infostealer. A newly uncovered variant, dubbed LightPerlGirl, takes this further by abusing PowerShell and hijacking clipboard data to drop the Lumma infostealer. At the same time, scammers are exploiting Instagram ads to mimic Canadian banks such as BMO and EQ Bank, using AI-powered deepfake videos and authentic-looking branding. Explore more updates from the cybersecurity landscape.
01
A rise in cyber campaigns is utilizing the ClickFix social engineering technique to deploy malware, particularly the GHOSTPULSE loader and ARECHCLIENT2 infostealer.
02
A new ClickFix malware variant, LightPerlGirl, was discovered exploiting PowerShell and clipboard hijacking to deliver the Lumma infostealer.
03
Silver Fox APT launched a phishing campaign targeting Taiwan, which impersonates the National Taxation Bureau to distribute malware, including Winos 4.0, HoldingHands RAT, and Gh0stCringe.
04
Two new WormGPT variants are being distributed via Telegram and BreachForums, exploiting jailbreak prompts to run malicious versions of xAI’s Grok and Mistral’s Mixtral models.
05
Instagram ads are being used to impersonate Canadian banks like BMO and EQ Bank, leveraging AI deepfake videos and official branding to scam users into providing personal information or banking credentials.
06
Google’s Chrome 137 update addresses three vulnerabilities, including two high-severity memory bugs: CVE-2025-6191, an integer overflow in the V8 JavaScript engine, and CVE-2025-6192, a use-after-free flaw in the Profiler component.
07
Two local privilege escalation (LPE) vulnerabilities (CVE-2025-6018 and CVE-2025-6019) allow attackers to gain root access on major Linux distributions like Ubuntu, Debian, Fedora, and SUSE systems.
08
Veeam and BeyondTrust released patches for vulnerabilities that could enable RCE. BeyondTrust addressed a server-side template injection flaw (CVE-2025-5309) in RS and PRA products, impacting specific versions.
09
The U.K. government has launched its Cyber Growth Action Plan, pledging approximately $21.6?million (£16?million) in new funding for the CyberASAP academic-spinout programme and for scaling cybersecurity start-ups.
10
Neovera, a cybersecurity and cloud services provider, announced its acquisition of Greenway Solutions, an adversarial fraud testing company.
