Security Boulevard

Hacked sites deliver Vidar infostealer to Windows users

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar ...
SecurityWeek

China-Linked Hackers Hit Asian Militaries in Patient Espionage Operation

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
The Hacker News

Investigating a New Click-Fix Variant

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
Security Boulevard

Fake Temu Coin airdrop uses ClickFix trick to install stealthy malware

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

AI-generated Slopoly malware used in Interlock ransomware attack

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...
SecurityWeek

ClickFix Attack Uses Windows Terminal to Evade Detection

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.
GitHub

usb rubber ducky program language Docs

DuckyScript is a simple scripting language for automating keyboard input. Originally created for the USB Rubber Ducky, it's now used in various keystroke injection tools. Scripts execute line-by-line, ...