
Daily Cybersecurity Roundup, March 19, 2025

Imagine a CAPTCHA so convincing it fools even the sharpest eyes. A recent ClearFake campaign turned this trick into a nightmare, compromising 9,300 websites with fake reCAPTCHA and Cloudflare Turnstile verifications to infect users with info-stealers. In a different vein, researchers uncovered the 'Rules File backdoor,' a supply chain attack targeting AI-driven code editors like GitHub Copilot and Cursor, silently injecting malicious code into developers’ workflows. Meanwhile, a long-running phishing campaign has evolved its scareware tactics from Windows to macOS users, exploiting a trusted hosting service to slip past email defenses. Continue reading for the top 10 headlines from the last 24 hours.

01

Sekoia warned of a ClearFake campaign, affecting 9,300 websites, using fake reCAPTCHA and Cloudflare Turnstile verifications to trick users into downloading Lumma and Vidar stealers via malicious PowerShell code.

02

CERT-UA warned of attackers targeting Ukraine’s defense sector using the Signal messenger to send phishing messages spreading DarkCrystal RAT, hidden in archives disguised as meeting reports, often from hacked contacts.

03

Malwarebytes reported a phishing scam targeting cryptocurrency communities on Reddit with links to cracked TradingView software, infecting users with AMOS and Lumma stealers.

04

Security researchers uncovered a supply chain attack known as the 'Rules File backdoor,' which compromises AI-powered code editors like GitHub Copilot and Cursor, tricking them into injecting malicious code.

05

PoC exploits were released for several vulnerabilities in Sante PACS servers. These flaws, including CVE-2025-2263 through CVE-2025-2284, could enable unauthorized access to patient data and system disruption.

06

According to a new report, info-stealers infected 23 million hosts in 2024, stealing 2.1 billion credentials, mostly from Windows systems. Such attacks increased 33% from 2023, further fueling ransomware and breaches.

07

LayerX reported that a long-running phishing campaign using scareware had shifted from targeting Windows to macOS users. Attackers leverage a trusted hosting service to bypass email defenses.

08

In a recent attack, researchers spotted the Ox Thief threat group stealing data and demanding ransom via new extortion tactics. The group threatened to leak stolen data to Edward Snowden and others.

09

An unpatched flaw in Microsoft Windows has been exploited since 2017 by 11 state-backed groups from China, Iran, North Korea, and Russia for data theft and espionage. The zero-day allows attackers to run harmful commands using Windows Shortcut files.

10

Google announced its acquisition of cloud security provider Wiz in a deal worth $32 billion, bolstering its cybersecurity offerings under Google Cloud.
