Security Boulevard

The Agentic Virus: How AI Agents Become Self-Spreading Malware

In my previous post, I walked through how disconnected MCP servers and AI agents create a growing blind spot in enterprise ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.
CSO Online

North Korean actors blend ClickFix with new macOS backdoors in Crypto campaign

The campaign used a compromised Telegram account, a fake Zoom meeting, and AI-assisted deception to trick victims into ...
CSO Online

Phishing campaign chains old Office flaw with fileless XWorm RAT to evade detection

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

LummaStealer infections surge after CastleLoader malware campaigns

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.
Security Boulevard

CVE-2026-1281 & CVE-2026-1340: Actively Exploited Pre-Authentication RCE in Ivanti EPMM

Learn how CVE-2026-1281 and CVE-2026-1340 enable pre-auth RCE in Ivanti EPMM, now actively exploited, and how AppTrana helps block attacks across applications. The post CVE-2026-1281 & CVE-2026-1340: ...