The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

WinRAR path traversal flaw still exploited by numerous hackers

Multiple threat actors, both state-sponsored and financially motivated, are exploiting the CVE-2025-8088 high-severity ...
The Hacker News

Hackers Exploit c-ares DLL Side-Loading to Bypass Security and Deploy Malware

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...
CoinTelegraph

Flow advances recovery plan, raises exchange concerns after $3.9M exploit

The plan to address a multimillion-dollar exploit continued with "phase two progress" on EVM after it scrapped a plan to roll back the blockchain. The Flow Foundation is continuing to implement a ...
Game Rant

ARC Raiders Exploit Makes the Kettle Macro Even More Powerful

Mohsen Baqery is a Staff Writer at GameRant based in Turkey. He mainly covers video game news and industry features while occasionally publishing guides and listicles. Mohsen started his journey into ...
Bleeping Computer

RondoDox botnet exploits React2Shell flaw to breach Next.js servers

The RondoDox botnet has been observed exploiting the critical React2Shell flaw (CVE-2025-55182) to infect vulnerable Next.js servers with malware and cryptominers. First documented by Fortinet in July ...
SCOTUSblog

Express Scripts v. California

11/14/2025 Motion to extend the time to file a response from December 1, 2025 to January 15, 2026, submitted to The Clerk. 11/14/2025 Response of Express Scripts, Inc., et al. to motion submitted.