Skip to content

Hundreds Targeted in New Atomic macOS Stealer Campaign

Between June and August, over 300 entities were targeted with the Atomic macOS Stealer via malvertising. The post Hundreds Targeted in New Atomic macOS Stealer Campaign appeared first on SecurityWeek.

MITRE Updates List of Most Common Hardware Weaknesses

MITRE has updated the list of Most Important Hardware Weaknesses to align it with evolving hardware security challenges. The post MITRE Updates List of Most Common Hardware Weaknesses appeared first on SecurityWeek.

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

A 55-year-old Chinese national has been sentenced to four years in prison and three years of supervised release for sabotaging his former employer’s network with custom malware and deploying a kill switch that locked out employees when his account was disabled. Davis Lu, 55, of Houston, Texas, was convicted ofRead More »Ex-Developer Jailed Four Years for Sabotaging Ohio Employer with Kill-Switch Malware

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Commvault has released updates to address four security gaps that could be exploited to achieve remote code execution on susceptible instances. The list of vulnerabilities, identified in Commvault versions before 11.36.60, is as follows – CVE-2025-57788 (CVSS score: 6.9) – A vulnerability in a known login mechanism allows unauthenticated attackersRead More »Pre-Auth Exploit Chains Found in Commvault Could Enable Remote Code Execution Attacks

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Threat actors have been observed leveraging the deceptive social engineering tactic known as ClickFix to deploy a versatile backdoor codenamed CORNFLAKE.V3. Google-owned Mandiant described the activity, which it tracks as UNC5518, as part of an access-as-a-service scheme that employs fake CAPTCHA pages as lures to trick users into providing initialRead More »Cybercriminals Deploy CORNFLAKE.V3 Backdoor via ClickFix Tactic and Fake CAPTCHA Pages

Scattered Spider Hacker Sentenced to Prison

Noah Urban was sentenced to 10 years in prison for his role in the notorious cybercriminal operation known as Scattered Spider. The post Scattered Spider Hacker Sentenced to Prison appeared first on SecurityWeek.

Password Managers Vulnerable to Data Theft via Clickjacking

A researcher has tested nearly a dozen password managers and found that they were all vulnerable to clickjacking attacks. The post Password Managers Vulnerable to Data Theft via Clickjacking appeared first on SecurityWeek.

Copyright © 2026 infosecintel.net