ClickFix is a malware family tracked across 50 threat clusters and 104 intelligence report mentions on ThreatCluster. First observed November 6, 2025; most recent activity July 16, 2026.
A critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS is being actively exploited in a large-scale cyberattack affecting over 700 websites, including those of Harvard University, Oxford University, Auburn…
The Australian Cyber Security Centre (ACSC) has issued a second alert in two months regarding a large-scale hacking campaign exploiting unpatched vulnerabilities in content management systems (CMS). The campaign targets…
A new wave of scams utilizing fake CAPTCHA prompts has emerged, allowing attackers to install malware without traditional download methods. Known as 'ClickFix,' this tactic tricks users into executing malicious scripts…
A new malware strain named 'DeepLoad' has been identified, capable of stealing credentials from enterprise networks immediately upon infection. The malware employs AI-generated code to obfuscate its logic, making it…
LeakNet, a ransomware group, has adopted new tactics involving ClickFix social engineering and a Deno-based fileless loader. This shift allows them to gain initial access through compromised websites, prompting users to…
A new backdoor known as Mistic has been identified in cyberattacks targeting various sectors since April 2026. It is associated with the initial access broker KongTuke, also known as Woodgnat, which sells access to…
A new campaign linked to the TimbreStealer malware targets companies in Mexico, employing advanced evasion techniques. Researchers Euler Neto and Cristóbal Tárraga report that the malware uses DLL side-loading with…
The Mistic malware, a newly identified Windows backdoor, has been active since April 2026, utilizing DLL sideloading to infiltrate enterprise environments. It exploits a legitimate executable, MpExtMs.exe, to load a…
The newly identified Venom Stealer malware-as-a-service (MaaS) platform automates credential theft and continuous data exfiltration, posing a significant threat to users. Sold on cybercrime networks, it integrates…
The SilabRAT, a Remote Access Trojan (RAT), has emerged on dark web forums as a Malware-as-a-Service (MaaS) offering since late 2025, priced at $5,000 per month. Developed by the Russian-speaking actor 'o1oo1', it is…