NexShield Fake Ad Blocker Uses CrashFix Attack to Deliver ModeloRAT Malware

Security researchers at Huntress have uncovered a sophisticated new malware campaign that weaponizes browser stability against users. The attack, dubbed CrashFix, represents an evolution of the notorious ClickFix social engineering technique—but with a dangerous twist: instead of faking system problems, it creates real ones. How NexShield Works The malicious Chrome and Edge extension, called NexShield,…


CVE-2026-20700: Apple Patches First Zero-Day of 2026 After Extremely Sophisticated Targeted Attacks

Apple has released emergency security updates to patch a zero-day vulnerability that was actively exploited in what the company describes as “extremely sophisticated” attacks targeting specific individuals. Technical Details The vulnerability, tracked as CVE-2026-20700, is an arbitrary code execution flaw in dyld, the Dynamic Link Editor used across Apple’s operating systems including iOS, iPadOS, macOS,…


CVE-2026-2441: Google Patches First Actively Exploited Chrome Zero-Day of 2026

Google has released an emergency security update for Chrome to address CVE-2026-2441, a high-severity use-after-free vulnerability that is already being exploited in the wild. This marks the first actively exploited zero-day in Chrome that Google has patched in 2026, underscoring the ongoing threat that browser-based vulnerabilities pose to organizations worldwide. The Vulnerability: Use-After-Free in CSS…


Physical Mail Phishing Targets Trezor and Ledger Users: Attackers Use QR Codes to Steal Recovery Phrases

A new phishing campaign is targeting cryptocurrency hardware wallet users through an unusual vector: physical mail. Threat actors are sending fake letters impersonating Trezor and Ledger security teams, attempting to trick users into surrendering their wallet recovery phrases. The Snail Mail Attack Vector Unlike traditional email phishing, these attacks arrive as physical letters printed on…


OysterLoader: Sophisticated Multi-Stage Malware Loader Linked to Rhysida Ransomware Campaigns

A highly sophisticated malware loader known as OysterLoader has emerged as a significant cybersecurity threat, employing advanced multi-layer obfuscation techniques to evade detection while delivering dangerous payloads including Rhysida ransomware and the widespread Vidar infostealer. Sophisticated Distribution Through Fake Software First identified by Rapid7 in June 2024, this C++ malware has evolved into a formidable…


Microsoft Exposes DNS-Based ClickFix Attack: Nslookup Commands Used for Stealth Malware Staging

Microsoft has disclosed a sophisticated new variant of the ClickFix social engineering attack that weaponizes the Windows nslookup command to stage malware through DNS queries, enabling attackers to bypass traditional web-based detection mechanisms. Attack Methodology This DNS-based ClickFix variant tricks users into executing a specially crafted command through the Windows Run dialog that performs a…


CVE-2026-21510: Windows Shell Zero-Day Exploited in the Wild to Bypass SmartScreen Protections

Microsoft’s February 2026 Patch Tuesday revealed a critical zero-day vulnerability affecting Windows Shell that attackers are actively exploiting to bypass security protections. CVE-2026-21510 carries a CVSS score of 8.8 and allows threat actors to circumvent Windows SmartScreen warnings by tricking users into opening malicious links or shortcut files. Understanding the Vulnerability Windows Shell—the core graphical…


CVE-2026-1731: Critical BeyondTrust Remote Support Vulnerability Under Active Exploitation

A critical pre-authentication command injection vulnerability in BeyondTrust Remote Support (RS) and Privileged Remote Access (PRA) is now being actively exploited in the wild, with threat actors targeting self-hosted deployments including legacy Bomgar appliances. Vulnerability Overview According to CSO Online, the vulnerability tracked as CVE-2026-1731 is a critical-severity flaw that allows unauthenticated attackers to execute…


DockerDash: Critical AI Assistant Flaw Enabled Code Execution via Malicious Image Metadata

Cybersecurity researchers at Noma Labs have disclosed details of a critical vulnerability in Ask Gordon, Docker’s AI assistant integrated into Docker Desktop and the Docker CLI. The flaw, codenamed DockerDash, could have been exploited to execute arbitrary code and exfiltrate sensitive data from compromised environments. Docker addressed the vulnerability in version 4.50.0, released in November…


Critical Unstructured.io Vulnerability CVE-2025-64712 Threatens AI Pipelines at Amazon, Google, and Fortune 1000 Enterprises

A critical vulnerability (CVE-2025-64712) discovered in Unstructured.io, a widely deployed ETL library for AI data processing, exposes Amazon, Google, Bank of America, and 87% of Fortune 1000 companies to remote code execution attacks. The Vulnerability: CVSS 9.8 Path Traversal Leading to RCE Security researchers have identified a severe path traversal vulnerability in Unstructured.io’s partition_msg function,…
