Infosecurity Magazine

North Korean Hackers Target Crypto Firms with ClickFix and AI-Made Zoom Lures

Arctic Wolf attributed this large-scale spear-phishing campaign to BlueNoroff, a financially motivated subgroup of the ...
Hosted on MSN

New 'ClickFix' scam hijacks CAPTCHAs to steal device access

Cybersecurity experts are warning about a new 'ClickFix' scam that disguises itself as a routine CAPTCHA but tricks users into executing malicious commands. The attack prompts victims to perform ...

You Might Have Fallen For This CAPTCHA Scam Without Realising — Here's What To Do Now

Security experts reveal how easy it is to get fooled by this scam and what to do if you think you've been targeted.

ConsentFix v3 attacks target Azure with automated OAuth abuse

A new attack type, dubbed ConsentFix v3, has been circulating on hacker forums, building on the previous technique by adding ...

This SMS Pumping Attack Starts Hitting Your Phone Bill After 1 Click

One click is all it takes to start racking up an inflated phone bill as SMS pumping attacks strike. Here’s what you need to ...

New Global Scam Uses Fake Meeting Links to Run PowerShell Malware

BlueNoroff hackers used fake Zoom calls, ClickFix prompts, and fileless PowerShell malware to steal credentials from Web3 and ...

Learning from the Vercel breach: Shadow AI & OAuth sprawl

A single third-party OAuth integration can become a direct path into your environment. Push explains how the Vercel breach ...
Unite.AI

AI Hype Is Overshadowing the Human Decisions That Lead to Breaches

AI has reshaped how organizations think about threats, with attention often focused on large-scale operations, automated reconnaissance, and increasingly convincing impersonation. These developments ...
Microsoft

Email threat landscape: Q1 2026 trends and insights

In early 2026, email threats increased with a rise in credential phishing, QR code phishing, and CAPTCHA-gated campaigns, ...
Dark Reading

BlueNoroff Uses Fake Zoom Calls to Turn Victims Into Attack Lures

The North Korean group is using stolen victim videos, AI-generated avatars, and pseudo-video calls to scale malware attacks ...
Dark Reading

Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain

Attackers continue to scale a campaign to seed Open VSX with seemingly benign VS Code extensions that spread self-propagating ...