Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
WinBuzzer

Fake 7-Zip Downloads Turn Home PCs Into Malicious Proxy Nodes

Researchers have uncovered a malware campaign targeting 7-Zip users through fake domain 7zip.com, turning infected computers ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
Hackaday

Reverse Engineering A Dash Robot With Ghidra

One of the joys of browsing secondhand shops is the possibility of finding old, perhaps restorable or hackable, electronics ...
IEEE

Casper: Prompt Sanitization for Protecting User Privacy in Web-Based Large Language Models

Abstract: Web-based Large Language Model (LLM) services have been widely adopted and have become an integral part of our Internet experience. Third-party plugins enhance the functionalities of LLMs by ...

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.