New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software.
CSO Online

Open-source monitor turns into an off-the-shelf attack beacon

Hackers used log poisoning and web shells to convert Nezha into a remote access tool targeting networks across East Asia.
PCQuest on MSN

Inside Oracle's zero-day chaos: how Clop rewrote the ransomware rulebook

Clop’s Oracle WebLogic zero-day exploit exposed a new ransomware era focused on silent data theft, stealthy infiltration, and ...