New macOS stealer campaign uses Script Editor in ClickFix attack

A new campaign delivering the Atomic Stealer malware to macOS users abuses the Script Editor in a variation of the ClickFix ...

R.J. Cipriani Revels in Jeff Shell's Paramount Exit

Jeff Shell's fight with R.J. Cipriani, a notorious provocateur, may have been the proximate cause for his undoing but ...
CSO Online

New ClickFix variant bypasses Apple safeguards with one‑click script execution

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...
Opinion

Washington's Hemp Shell Game: How Medicare Dollars Are Funding Non-Approved Products While FDA-Compliant Medicines Wait

The Substance Access Beneficiary Engagement Incentive (BEI), which went live on April 1, 2026, allows Medicare-connected care organizations to furnish up to $500 per year in hemp-derived products to ...
The Hacker News

DPRK-Linked Hackers Use GitHub as C2 in Multi-Stage Attacks Targeting South Korea

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
SecurityWeek

React2Shell Exploited in Large-Scale Credential Harvesting Campaign

The UAT-10608 hacking group is using automated scanning and scripts to exploit React2Shell in a large-scale credential ...
The Hacker News

Axios Supply Chain Attack Pushes Cross-Platform RAT via Compromised npm Account

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
CSO Online

Security lapse lets researchers view React2Shell hackers’ dashboard

The campaign is stealing credentials from unpatched servers at scale, due to “neglect and efficiency,” says analyst, and the ...
Smithsonian Magazine

Archaeologists Unearth More Than 40,000 Pieces of Pottery That Ancient Egyptians Used Like Scrap Paper

The ostraca, some dating back to the time just before Cleopatra, were discovered within the ancient ruins of Athribis ...
Yahoo Malaysia

Big Bet: Jeff Shell Countersues In “Shakedown” $150M Loose Lips Battle; Mega-Suit Against David Ellison & Paramount Brass Could Be In The Cards From Pro Gambler Accuser

Litigator Patty Glaser promised last month Jeff Shell would “strongly respond” to threats legal and otherwise from a pro-gambler over potentially insider information and leaked data, and today the ...
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...