Cyber Security


New ClickFix Attack Uses DNS Hijacking to Spread Malware


A new evolution in the ClickFix social engineering campaign now employs a custom DNS hijacking technique to deliver malware. This attack method tricks users into executing malicious commands that utilize DNS lookups to fetch the next stage of the infection, allowing attackers to bypass traditional detection methods and […]

Threat Actors Exploit Claude Artifacts and Google Ads to Target macOS Users


A sophisticated malware campaign is targeting macOS users through Google-sponsored search results and legitimate platforms, including Anthropic’s Claude AI and Medium. The campaign has already reached over 15,000 potential victims through two distinct attack variants that exploit users’ trust in established online services. [Image: 15,000 potential victims (Source: Twitter)] The […]

Threat Actor Allegedly Selling Critical Severity OpenSea 0-day Exploit Chain on Hacking Forums


A threat actor is reportedly selling a purported critical severity zero-day exploit chain targeting OpenSea for $100,000 USD in Bitcoin or Monero. The listing claims the vulnerability remains unpatched and undisclosed, raising alarms in the NFT community. The exploit allegedly targets flaws in OpenSea’s Seaport protocol order validation logic across Ethereum […]

CISA Warns of Microsoft Configuration Manager SQL Injection Vulnerability Exploited in Attacks


CISA has issued an urgent alert about a critical SQL injection vulnerability in Microsoft Configuration Manager (SCCM). Tracked as CVE-2024-43468, this flaw lets unauthenticated attackers run malicious commands on servers and databases. Added to CISA’s Known Exploited Vulnerabilities (KEV) catalog on February 12, 2026, agencies must patch […]

Malicious Chrome AI Extensions Attacking 260,000 Users via Injected IFrames


A coordinated campaign is using malicious Chrome extensions that impersonate popular AI tools like ChatGPT, Claude, Gemini, and Grok. These fake “AI assistants” spy on users through injected, remote-controlled iframes, turning helpful browser add-ons into surveillance tools. More than 260,000 users have installed these extensions. […]

Chrome Extensions Infected 500K Users to Hijack VKontakte Accounts


Over half a million VKontakte users have fallen victim to a sophisticated malware campaign that silently hijacks accounts through seemingly harmless Chrome extensions. The malicious extensions, disguised as VK customization tools, automatically subscribe users to attacker-controlled groups, reset account settings every 30 days, and manipulate security tokens to maintain persistent control. What appeared as simple […]

Critical Vulnerability in Next-Mdx-Remote Allows Arbitrary Code Execution in React Server-Side Rendering


Security advisory HCSEC-2026-01 revealed a critical vulnerability in the next-mdx-remote library that allows attackers to execute arbitrary code on servers rendering untrusted MDX content. Tracked as CVE-2026-0969, the issue affects versions 4.3.0 through 5.0.0 and is fixed in 6.0.0. Next-mdx-remote is a popular open-source TypeScript library for Next.js-based React apps. It […]

Odido Telecom Suffers Cyberattack, 6.2 Million Customer Accounts Affected


Odido Telecom, a leading Dutch telecommunications provider, confirmed on February 12, 2026, that hackers accessed personal data from 6.2 million customer accounts in a major cyberattack. The breach, detected over the February 7-8 weekend, has raised alarms about phishing risks despite no disruption to services. Hackers infiltrated Odido’s customer relationship management […]

Rogue VM Linked to Muddled Libra in VMware vSphere Attack, Revealing Key TTPs


In a September 2025 incident response case, investigators found a rogue virtual machine inside a VMware vSphere environment and tied it with high confidence to Muddled Libra, also tracked as Scattered Spider and UNC3944. The VM acted like a quiet staging host, giving the intruders a place to recon the network, pull down tools, and […]

Palo Alto Networks Firewall Vulnerability Allows an Attacker to Force Firewalls into a Reboot Loop


A critical denial-of-service (DoS) flaw in Palo Alto Networks’ PAN-OS software could let unauthenticated attackers crash firewalls into endless reboot cycles, potentially crippling enterprise networks. Dubbed CVE-2026-0229, the vulnerability lurks in the Advanced DNS Security (ADNS) feature. An attacker sends a maliciously crafted packet to trigger a system reboot. Repeated […]