ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users and developers.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware. The attack relies on compromised websites that ...

Using an AI coding assistant to migrate an application from one programming language to another wasn’t as easy as it looked. Here are three takeaways.

OpenAI has launched the Codex app for Windows, a desktop tool that lets developers run multiple AI coding agents, automate tasks and manage software projects directly from their PC ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. Explore Get ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

In a post on X (formerly known as Twitter), the AI giant announced that the Codex app is now available on Windows, adding, “Get the full Codex app experience on Windows with a native agent sandbox and ...