North Korea's Lazarus Targets macOS Users via ClickFix - 惯性聚合

推荐订阅源

美团技术团队

罗磊的独立博客

The Register - Security

The GitHub Blog

钛媒体：引领未来商业与生活新知

博客园 - 三生石上(FineUI控件)

Schneier on Security

博客园 - 聂微东

The Exploit Database - CXSecurity.com

Recorded Future

大猫的无限游戏

Know Your Adversary

DataBreaches.Net

Darknet – Hacking Tools, Hacker News & Cyber Security

SegmentFault 最新的问题

博客园_首页

让小产品的独立变现更简单 - ezindie.com

酷壳 – CoolShell

Cisco Talos Blog

Visual Studio Blog

Java Code Geeks

博客园 - Franky

The Cloudflare Blog

Apple Machine Learning Research

CERT Recently Published Vulnerability Notes

Google DeepMind News

Fortinet All Blogs

Privacy International News Feed

Threat Research - Cisco Blogs

The Blog of Author Tim Ferriss

Vulnerabilities – Threatpost

Recent Announcements

Blog — PlanetScale

Security Latest

MIT News - Artificial intelligence

Y Combinator Blog

Kaspersky official blog

有赞技术团队

darkreading

Vidar Rises to Top of Chaotic Infostealer Market Fresh Wave of GlassWorm VS Code Extensions Slices Through Supply Chain UNC6692 Combines Social Engineering, Malware, Cloud Abuse Unpatched 'PhantomRPC' Flaw in Windows Enables Privilege Escalation 20-Year-Old Malware Rewrites History of Cyber Sabotage Parsing Agentic Offensive Security's Existential Threat Helping Romance Scam Victims Require a Proactive, Empathic Approach US Busts Myanmar Ring Targeting US Citizens in Financial Fraud Glasswing Secured the Code. The Rest of Your Stack Is Still on You AI Phishing Is No. 1 With a Bullet for Cyberattackers Chinese APT Abuses Multiple Cloud Tools to Spy on Mongolia Tropic Trooper APT Takes Aim at Home Routers, Japanese Targets China-Backed Hackers Are Industrializing Botnets Bad Memories Still Haunt AI Agents 'Zealot' Shows What AI's Capable of in Staged Cloud Attack Africa Relinquishes Cyberattack Lead to Latin America — For Now 'The Gentlemen' Rapidly Rises to Ransomware Prominence DPRK Fake Job Scams Self-Propagate in 'Contagious Interview' Ransomware Negotiator Pleads Guilty to BlackCat Scheme Exploits Turn Windows Defender into Attacker Tool Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool Chinese APT Targets Indian Banks, Korean Policy Circles Vercel Employee's AI Tool Access Led to Data Breach Serial-to-IP Devices Hide Thousands of Old & New Bugs WhatsApp Leaks User Metadata to Attackers How NIST's Cutback of CVE Handling Impacts Cyber Teams Tycoon 2FA Phishers Scatter, Adopt Device Code Phishing Every Old Vulnerability Is Now an AI Vulnerability Coast Guard's New Cybersecurity Rules Offers Lessons for CISOs NIST Revamps CVE Framework to Focus on High-Impact Vulnerabilities North Korea Uses ClickFix to Target macOS Users' Data 'Harmless' Global Adware Transforms Into an AV Killer Two-Factor Authentication Breaks Free from the Desktop Microsoft's Original Windows Secure Boot Certificate Is Expiring 6-Year Ransomware Campaign Targets Turkish Homes & SMBs Critical MCP Integration Flaw Puts NGINX at Risk Navigating the Unique Security Risks of Asia's Digital Supply Chain Prepping for 'Q-Day': Why Quantum Risk Management Should Start Now Audit: Big Tech Often Ignores CA Privacy Law Opt-Out Requests Microsoft, Salesforce Patch AI Agent Data Leak Flaws Microsoft Bets $10B to Boost Japan's AI, Cybersecurity Privilege Elevation Dominates Massive Microsoft Patch Update EDR-Killer Ecosystem Expansion Requires Stronger BYOVD Defenses War Game Exercise Demonstrates How Social Media Manipulation Works Why Orgs Need to Test Networks to Withstand DDoS Attacks During Peak Loads CSA: CISOs Should Prepare for Post-Mythos Exploit Storm Adobe Patches Actively Exploited Zero-Day That Lingered for Months Empty Attestations: OT Lacks the Tools for Cryptographic Readiness APT41 Delivers 'Zero-Detection' Backdoor to Harvest Cloud Credentials Hims Breach Exposes the Most Sensitive Kinds of PHI Your Next Breach Will Look Like Business as Usual FINRA Launches Financial Intelligence Fusion Center to Combat Cybersecurity and Fraud Threats Orange Business Reimagines Enterprise Voice Communications With Trust and AI Industrial Controllers Still Vulnerable As Conflicts Move to Cyber Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands? Russia's 'Fancy Bear' APT Continues Its Global Onslaught 'BlueHammer' Windows Zero-Day Exploit Signals Microsoft Bug Disclosure Issues Do Ceasefires Slow Cyberattacks? History Suggests Not Russia's Forest Blizzard Nabs Rafts of Logins via SOHO Routers Threat Actors Get Crafty With Emojis to Escape Detection AI-Led Remediation Crisis Prompts HackerOne to Pause Bug Bounties Fraud Rockets Higher in Mobile-First Latin America Full Sail University to Open IBM Cyber Defense Range Powered by AWS and Cloud Range on Campus Niobium Introduces The Fog Pluralsight Launches SecureReady to Help Organizations Build Job-Ready Cybersecurity Teams Iranian Threat Actors Disrupt US Critical Infrastructure via Exposed PLCs Storm-1175 Deploys Medusa Ransomware at 'High Velocity' Grafana Patches AI Bug That Could Have Leaked User Data RSAC 2026: How AI Is Reshaping Cybersecurity Faster Than Ever Human vs. AI: Debates Shape RSAC 2026 Cybersecurity Trends Lies, Damned Lies, and Cybersecurity Metrics Focusing on the People in Cybersecurity at RSAC 2026 Conference AI-Assisted Supply Chain Attack Targets GitHub Axios Attack Shows How Complex Social Engineering Is Industrialized Fortinet Issues Emergency Patch for FortiClient Zero-Day Automated Credential Harvesting Campaign Exploits React2Shell Flaw Shadow AI in Healthcare Is Here to Stay OWASP GenAI Security Project Gets Update, New Tools Matrix Inconsistent Privacy Labels Don't Tell Users What They Are Getting Apple Breaks Precedent, Patches DarkSword for iOS 18 Blast Radius of TeamPCP Attacks Expands Amid Hacker Infighting Picking Up 'Skull Vibrations'? Could Be XR Headset Authentication Claude Source Code Leak Highlights Big Supply Chain Missteps Chainguard Unveils Factory 2.0 to Automate Hardening the Software Supply Chain CrowdStrike Next-Gen SIEM Can Now Ingest Microsoft Defender Telemetry Geopolitics, AI, and Cybersecurity: Insights From RSAC 2026 Not Toying Around: Hasbro Attack May Take 'Weeks' to Remediate Security Bosses Are All in on AI: Here's Why RSAC 2026: AI Dominates, But Community Remains Key to Security Bank Trojan 'Casbaneiro' Worms Through Latin America Ransomware Will Hit Hospitals. Rehearsals Are Key to Defense LatAm's Self-Taught Cyber Talent Overlooked Amid Cyberattack Glut Cyberattacks Intensify Pressure on Latin American Governments Venom Stealer MaaS Platform Commoditizes ClickFix Attacks Are We Training AI Too Late? The Forgotten Endpoint: Security Risks of Dormant Devices Axios NPM Package Compromised in Precision Attack Google's Vertex AI Is Over-Privileged. That's a Problem TeamPCP Breaches Cloud, SaaS Instances With Stolen Credentials

North Korea's Lazarus Targets macOS Users via ClickFix

Alexander Cu · 2026-04-24 · via darkreading

此内容由惯性聚合(RSS阅读器)自动聚合整理，仅供阅读参考。原文来自 — 版权归原作者所有。