A newly observed wave of ClickFix social-engineering attacks has shifted tactics, hijacking Windows Terminal as its execution environment to deliver credential-stealing malware. Security researchers from Microsoft and other vendors tracked this campaign in early 2026 and reported a reliable pattern: victims are manipulated into pasting an obfuscated command from their clipboard into a legitimate-looking terminal window, which then decodes and
Category: Microsoft
Windows, Windows Server, Microsoft 365, Word, Excel, PowerPoint, Outlook, OneNote, Teams, SharePoint, OneDrive, Edge, Bing, SQL Server, Visual Studio, Active Directory, Dynamics 365, Power BI, Power Apps, Xbox, Game Pass, Surface, Intune, Defender, Exchange, Hyper-V, .NET, Dataverse,
When Claude Became a Bug Hunter: How an AI Found 22 Firefox Vulnerabilities in Two Weeks
In February 2026, a focused collaboration between Anthropic and Mozilla demonstrated a new phase in vulnerability research: large language models (LLMs) moving beyond assistance into active, high-throughput discovery. Over a two-week engagement, Claude Opus 4.6 performed deep analysis of the Firefox codebase and surfaced 22 distinct security flaws. The scope and speed of these findings — especially the 14 issues
90 Zero‑Days in 2025: Google’s Snapshot of an Evolving Exploit Economy
Google’s Threat Intelligence Group reported 90 zero‑day vulnerabilities actively exploited in the wild across 2025. That total sits above 2024’s 78 but below the record 100 observed in 2023. Beyond the raw count, the GTIG data reveals a notable shift in where and how these flaws were used, who is using them, and which technical weaknesses continue to drive high‑impact
VoidLink Malware Framework: Key Points on How It Targets Kubernetes and AI Workloads
Title: VoidLink Malware Framework: Key Points on How It Targets Kubernetes and AI Workloads Overview VoidLink is a modular malware framework observed targeting cloud-native environments, with emphasis on Kubernetes clusters and AI infrastructure. Goal: persistence, lateral movement, data exfiltration, and abuse of compute (e.g., model theft, crypto-mining, or training/serving misuse). Modularity enables plugins for container escape, kubeconfig harvesting, and targeted
Laser Highways: Taara’s Free‑Space Optics Bring Fiber Speeds Without the Dig
Open-air laser links are no longer a laboratory curiosity. Taara, a spinout from an experimental research lab, is shipping systems that aim to deliver fiberlike throughput across streets, between buildings, and even over urban kilometers—without the expense and delay of trenching fiber. The appeal is simple: where fiber exists nearby but legal, financial, or logistical barriers prevent a direct connection,
Bitwarden Adds Passkey Login Support for Windows 11
Bitwarden now supports using passkeys stored in its vault to sign into Windows 11 devices, enabling passwordless, phishing-resistant authentication. The feature is available to all Bitwarden plans, including the free tier. How it works On the Windows sign-in screen, users choose the security key sign-in option and scan a QR code with a mobile device. The passkey stored in the