Security Boulevard

APT Attacks Target Indian Government Using SHEETCREEP, FIREPOWER, and MAILCREEP | Part 2

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
WeLiveSecurity

DynoWiper update: Technical analysis and attribution

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.
SDxCentral

How threat actors are really using AI

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more ...
Microsoft

Infostealers without borders: macOS, Python stealers, and platform abuse

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...
The Hacker News

ClickFix Attacks Expand Using Fake CAPTCHAs, Microsoft Scripts, and Trusted Web Services

ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...

OpenClaw is a security nightmare - 5 red flags you shouldn't ignore (before it's too late)

Handing your computing tasks over to a cute AI crustacean might be intriguing - but you should consider these security risks before doing so.