LeakNet Ransomware Uses ClickFix and Deno In-Memory Loader — The Hacker News

The LeakNet ransomware group has adopted the ClickFix social engineering technique to infiltrate corporate environments. Utilizing a Deno runtime for in-memory loading, this method allows for stealthy deployment, bypassing traditional detection mechanisms. Security teams should be aware of this evolving threat and update their detection strategies to identify such in-memory execution techniques.

GlassWorm Malware Targets GitHub and npm Repositories — BleepingComputer

The GlassWorm supply chain attack has resurfaced, targeting over 400 code repositories on platforms like GitHub, npm, VSCode, and OpenVSX. This coordinated attack injects malicious code into legitimate projects, posing significant risks to developers and end-users. Security teams must audit dependencies regularly and employ tools to detect unauthorized changes in codebases.

Apple Releases Security Updates for High-Risk WebKit Vulnerability — Google News Security (CN)

Apple has issued security updates for iOS, iPadOS, and macOS to address a critical WebKit vulnerability. The flaw, which could allow attackers to execute arbitrary code, affects Safari and other WebKit-based applications. Users are urged to update their devices immediately to mitigate potential exploitation risks.

• Konni Deploys EndRAT Through Phishing, Uses KakaoTalk to Propagate Malware [The Hacker News]
• More Attackers Are Logging In, Not Breaking In [Dark Reading]
• Europe sanctions Chinese and Iranian firms for cyberattacks [BleepingComputer]
• China-Nexus Hackers Skulk in Southeast Asian Military Orgs for Years [Dark Reading]
• CISA Flags Actively Exploited Wing FTP Vulnerability Leaking Server Paths [The Hacker News]