ClickFix attack uses fake Windows BSOD screens to push malware

A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
Dark Reading

RondoDox Botnet Expands Scope With React2Shell Exploitation

Recent attacks are targeting Next.js servers and pose a significant threat of cryptomining and other malicious activity to ...
The Hacker News

Transparent Tribe Launches New RAT Attacks Against Indian Government and Academia

Transparent Tribe (APT36) is linked to new cyber-espionage attacks using malicious LNK files, adaptive RATs, and long-term ...
SecurityWeek

RondoDox Botnet Exploiting React2Shell Vulnerability

December 2025, the RondoDox botnet operators have been targeting Next.js servers impacted by the React2Shell vulnerability.
DataBreachToday

RondoDox Botnet Exploiting Devices With React2Shell Flaw

Security firm CloudSEK has uncovered a botnet campaign that is exploiting the React2Shell vulnerability in the Meta-developed ...

Researchers identify new ToneShell backdoor targeting government agencies

To defend against the new attacks, the researchers advise memory forensics as the number one way of spotting ToneShell ...
Computer Weekly

ClickFix attacks that bypass cyber controls on the rise

So-called ClickFix or ClearFake attacks that bypass security controls and use unwitting victims to execute a cyber attack of their own accord are surging at the end of 2025, even outpacing phishing or ...
Upstream

Shell executive quit after BP acquisition proposal rebuffed - report

Senior leaders at Shell rejected a proposal to acquire rival BP early in 2025, prompting the resignation of the former executive in charge of Shell’s mergers and acquisitions, the Financial Times ...