Recent threat activity highlights a surge in targeted cyberattacks across sectors. The OneClik APT campaign is phishing energy, oil, and gas companies using Microsoft ClickOnce to deploy a .NET loader and drop the Golang-based RunnerBeacon backdoor. Meanwhile, Iranian state-sponsored group APT42 is conducting spear-phishing attacks on Israeli cybersecurity and computer science professionals. Additionally, ESET reports a 500% spike in the ClickFix attack vector in H1 2025 over H2 2024, now ranking as the second most prevalent threat after phishing. Keep reading for more cybersecurity news.