• Australian Cyber Security Centre Issues Alert Over ClickFix Attacks
• PCPJack Campaign Boots TeamPCP Off Compromised Machines
• Legacy Security Tools Are Failing Data Protection, Capital One Software Report Finds
• Cline Kanban Flaw Lets Websites Hijack AI Coding Agents
• OpenAI and Anthropic LLMs Used in Critical Infrastructure Cyber-Attack, Warns Dragos
• Fake Claude AI Site Drops Beagle Backdoor on Windows Users
• Daemon Tools Developer Confirms Software Was Trojanized
• Researchers Spot Uptick in Use of Vercel for Phishing Campaigns
• CloudZ Malware Abuses Phone Link to Steal SMS OTPs
• CISA Urges Critical Infrastructure Providers to Make Plans to Remain Operational if hit by Cyber-Attack
• Iran-Linked APT Posed as Chaos Ransomware Member in Espionage Campaign
• One in Eight Workers Has Sold Their Corporate Logins
• Microsoft Flags Mass Phishing Campaign Using Fake Compliance Emails
• North Korean APT Targets Yanbian Gamers via Trojanized Platform
• Fake SSA Emails Drive Venomous#Helper Phishing Campaign
• Critical MOVEit Automation auth bypass vulnerability fixed (CVE-2026-4670)
• DigiCert breached via malicious screensaver file
• Multiple threat actors actively exploit cPanel vulnerability (CVE-2026-41940)
• Two cybersecurity pros get prison time for helping ransomware gang
• Claude Security enters public beta with Opus 4.7 vulnerability scanning and patching
• 15-year-old detained over massive data breach at French government agency

ACSC warns over a campaign targeting organizations which uses ClickFix to deliver Vidar infostealer malware