Chinese hackers exploiting Dell zero-day flaw since mid-2024

A suspected Chinese state-backed hacking group has been quietly exploiting a critical Dell security flaw in zero-day attacks ...

Meta and Other Tech Firms Put Restrictions on Use of OpenClaw Over Security Fears

Security experts have urged people to be cautious with the viral agentic AI tool, known for being highly capable but also wildly unpredictable.
Dark Reading

ClickFix Attacks Abuses DNS Lookup Command to Deliver ModeloRAT

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines ...

The Rise of Credential Stuffing Attacks

Credential stuffing attacks use stolen passwords to log in at scale. Learn how they work, why they’re rising, and how to defend with stronger authentication.

Pre-Installed Android Backdoor Confirmed — Thousands Already Infected

Kaspersky Threat Intelligence has confirmed that a fully functional malware backdoor is being distributed pre-installed on Android devices.
The Hacker News

SmartLoader Attack Uses Trojanized Oura MCP Server to Deploy StealC Infostealer

SmartLoader campaign spreading StealC via a trojanized Oura MCP server using fake GitHub forks to steal credentials and crypto funds.

New Keenadu backdoor found in Android firmware, Google Play apps

A newly discovered and sophisticated Android malware called Keenadu has been found embedded in firmware from multiple device ...