Fake MAS Windows activation domain used to spread PowerShell malware

A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell ...

The biggest cybersecurity and cyberattack stories of 2025

Some stories, though, were more impactful or popular with our readers than others. This article explores 15 of the biggest ...

This SmarterMail vulnerability allows Remote Code Execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
The Hacker News

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell infections. They also shared a list of indicators of compromise (IoC) which can ...
Computer Weekly

ClickFix attacks that bypass cyber controls on the rise

So-called ClickFix or ClearFake attacks that bypass security controls and use unwitting victims to execute a cyber attack of their own accord are surging at the end of 2025, even outpacing phishing or ...
Security Boulevard

Top CVEs of December 2025

December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the... The post Top ...