Bad CAPTCHA in the wild tricks Mac users into installing malware through Terminal

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

AI-generated Slopoly malware used in Interlock ransomware attack

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...
The Hacker News

DRILLAPP Backdoor Targets Ukraine, Abuses Microsoft Edge Debugging for Stealth Espionage

DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Amazon's Zoox to test robotaxis in Phoenix, open Valley 'command hub'

Zoox joins Waymo and other competitors eyeing the Valley's growing autonomous vehicle market. The Amazon subsidiary has ...
InfoWorld

First look: Electrobun for TypeScript-powered desktop apps

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
The Hacker News

Hive0163 Uses AI-Assisted Slopoly Malware for Persistent Access in Ransomware Attacks

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...
The Caledonian-Record

General (Ret.) Anthony Cotton, Former STRATCOM Commander, Joins Pallas Speakers Bureau

Pallas Advisors is pleased to announce that General (Ret.) Anthony Cotton has joined the Pallas Speakers Bureau, a platform connecting audiences with top-tier ...

Commandant of Canadian Army Command and Staff College removed from post

Decision to remove Col. Fraser Auld ‘follows a loss of trust in his ability to command,’ a spokesperson for the Department of ...

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
The Register-Herald

Photos show dignified transfer for the six fallen U.S. soldiers killed in the war in the Middle East

President Donald Trump attended the dignified transfer of six U.S. soldiers killed in a drone strike on a command center in ...