WordPress ad-fraud plugins generated 1.4 billion ad requests per day
SkyNet Automation A large-scale ad fraud operation called ‘Scallywag’ is monetizing pirating and URL shortening sites through specially crafted WordPress…
BleepingComputer
Phishers abuse Google OAuth to spoof Google in DKIM replay attack
In a rather clever attack, hackers leveraged a weakness that allowed them to send a fake email that…
State-sponsored hackers embrace ClickFix social engineering tactic
ClickFix attacks are being increasingly adopted by threat actors of all levels, with researchers now seeing multiple advanced…
Widespread Microsoft Entra lockouts tied to new security feature rollout
Windows administrators from numerous organizations report widespread account lockouts triggered by false positives in the rollout of a…
New Android malware steals your credit cards for NFC relay attacks
A new malware-as-a-service (MaaS) platform named ‘SuperCard X’ has emerged, targeting Android devices via NFC relay attacks that…
Critical Erlang/OTP SSH RCE bug now has public exploits, patch now
Public exploits are now available for a critical Erlang/OTP SSH vulnerability tracked as CVE-2025-32433, allowing unauthenticated attackers to…
Google Gemini AI is getting ChatGPT-like Scheduled Actions feature
Google Gemini is testing a ChatGPT-like scheduled tasks feature called “Scheduled Actions,” which will allow you to create…
Interlock ransomware gang pushes fake IT tools in ClickFix attacks
The Interlock ransomware gang now uses ClickFix attacks that impersonate IT tools to breach corporate networks and deploy…
OpenAI details ChatGPT-o3, o4-mini, o4-mini-high usage limits
OpenAI has launched three new reasoning models – o3, o4-mini, and o4-mini-high for Plus and Pro subscribers, but…
FBI: Scammers pose as FBI IC3 employees to ‘help’ recover lost funds
The FBI warns that scammers posing as FBI IC3 employees are offering to “help” fraud victims recover money…