New ClickFix Attack Targeting Windows and macOS Users to Deploy Infostealer Malware

Security researchers have uncovered a sophisticated malware campaign that leverages the ClickFix social engineering technique to distribute information-stealing malware across Windows and macOS platforms. The campaign demonstrates how threat actors are exploiting legitimate search queries for cracked software to deliver…

Active Exploitation of Cisco and Citrix 0-Day Vulnerabilities Allows Webshell Deployment

Amazon’s threat intelligence team has uncovered a sophisticated cyber campaign exploiting previously undisclosed zero-day vulnerabilities in critical enterprise infrastructure. Advanced threat actors are actively targeting Cisco Identity Service Engine (ISE) and Citrix systems, deploying custom webshells to gain unauthorized administrative…

Hackers Using RMM Tools LogMeIn and PDQ Connect to Deploy Malware as Legitimate Software

Cybersecurity researchers at AhnLab Security Intelligence Center (ASEC) have uncovered a sophisticated attack campaign leveraging legitimate Remote Monitoring and Management (RMM) tools to deploy backdoor malware on unsuspecting users’ systems. The attacks abuse LogMeIn Resolve (GoTo Resolve) and PDQ Connect,…