Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.
Hosted on MSN

Fresh ClickFix attacks use Windows Update trick-pics to steal credentials

A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims into downloading infostealer malware.… ClickFix is a type of social engineering technique that tricks users into ...
SecurityWeek

Chrome Zero-Day Exploitation Linked to Hacking Team Spyware

The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks. The exploitation of the first Chrome zero-day of 2025 is linked to tools used in attacks ...
CSOonline

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...
GitHub

No user-agent embedded in the shellcode via msfvenom with payload 'windows/x64/meterpreter/reverse_https'

How come there are no user-agent strings embedded in the shellcode when using this command: msfvenom -p windows/x64/meterpreter/reverse_https LHOST=<IP> LPORT=443 ...
The Hacker News

eScan Antivirus Update Mechanism Exploited to Spread Backdoors and Miners

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed ...
The Verge

Microsoft to end its Android apps on Windows 11 subsystem in 2025

Posts from this topic will be added to your daily email digest and your homepage feed. You won’t be able to download new Android apps from Amazon’s Appstore on ...
Security Boulevard

DEF CON 31 – Bramwell Brizendine’s, Jacob Hince’s, Austin Babcock’s, Max Kersten’s ‘Game-Changing Advances In Windows Shellcode Analysis’

DEF CON 31 – Bramwell Brizendine’s, Jacob Hince’s, Austin Babcock’s, Max Kersten’s ‘Game-Changing Advances In Windows Shellcode Analysis’ by Marc Handelman on November 22, 2023 ...
Ars Technica

Microsoft will stop old Windows product keys from activating new Windows installs

At least for now, though, it seems like this change will only apply to future Windows versions. We were able to activate a fresh Windows 11 Pro 22H2 install with a Windows 8 Pro product key as of this ...
The Hacker News

Deadglyph: New Advanced Backdoor with Distinctive Malware Tactics

Cybersecurity researchers have discovered a previously undocumented advanced backdoor dubbed Deadglyph employed by a threat actor known as Stealth Falcon as part of a cyber espionage campaign.
PC Magazine

10 Reasons Windows Is Going in the Wrong Direction

Microsoft has made a lot of bad changes to Windows. As a fan of the OS, I want the company to do better for everyone's sake. Chris Hoffman is the author of Windows Intelligence, an email newsletter ...