LeakNet勒索软件组织采用ClickFix社会工程学战术，通过被攻陷网站作为初始访问方法。该技术诱使用户手动运行恶意命令来解决虚假错误，改变了依赖传统方式获取初始访问的做法。攻击的另一重要特点是使用基于Deno JavaScript运行时构建的分阶段命令控制加载器，直接在内存中执行恶意载荷。LeakNet于2024年11月首次出现，自称"数字监督者"。

LeakNet uses ClickFix via compromised sites to gain access, enabling stealth attacks and scalable ransomware operations.

Google has just released an emergency Chrome update to patch two dangerous zero-day vulnerabilities being exploited by ...

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Google is pushing an emergency patch for a zero-day vulnerability that has been exploited in the wild, and a second zero-day has been identified and is expected to be fixed in a future update.

Chrome on Windows, Mac, Linux, and Android are affected.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

CVE-2026-3909 is an out-of-bounds write flaw in Skia, the graphics library Chrome uses to render web content and parts of its user interface. Memory corruption bugs like this can sometimes be abused ...

Struggling with Microsoft Edge "Access Denied" on specific sites? Discover proven, step-by-step fixes for Microsoft Edge ...

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

Rapid7 researchers spot a malicious campaign aimed at harvesting credentials and digital wallets from Windows machines.