I am not a robot: ClickFix used to deploy StealC and Qilin

Blog

Byadmblake December 18, 2025

The fake human verification process led to infostealer and ransomware infections

Blog

Red Canary Expands AI Innovations to Cut Alert Overload

Post Content

Read More Red Canary Expands AI Innovations to Cut Alert Overload
Blog

Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine

A previously unknown threat activity cluster has been observed impersonating Slovak cybersecurity company ESET as part of phishing attacks targeting Ukrainian entities. The campaign, detected in May 2025, is tracked by the security outfit under the moniker InedibleOchotense, describing it as Russia-aligned. “InedibleOchotense sent spear-phishing emails and Signal text messages, containing a link

Read More Trojanized ESET Installers Drop Kalambur Backdoor in Phishing Attacks on Ukraine
Blog

Salesloft Breached via GitHub Account Compromise

The breach kickstarted a massive supply chain attack that led to the compromise of hundreds of Salesforce instances through stolen OAuth tokens.

Read More Salesloft Breached via GitHub Account Compromise
Blog

Cisco: Critical Meeting Management Bug Requires Urgent Patch

The bug has been given a 9.9 CVSS score, and could allow authenticated threat actors to escalate their privileges to admin-level if exploited.

Read More Cisco: Critical Meeting Management Bug Requires Urgent Patch
Blog

Have Your Say: Dark Reading Seeks Your Input

Dark Reading is offering its readers the opportunity to tell us how we’re doing via a new survey.

Read More Have Your Say: Dark Reading Seeks Your Input
Blog

Novel Phishing Attack Combines AES With Poisoned npm Packages

Researchers discovered a phishing attack in the wild that takes multiple well-tread technologies like open source packages and AES encryption and combines them.

Read More Novel Phishing Attack Combines AES With Poisoned npm Packages

Related