New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
SecurityWeek

Critical N8n Sandbox Escape Could Lead to Server Compromise

A critical n8n flaw could allow attackers to use crafted expressions in workflows to execute arbitrary commands on the host.

Fake job recruiters hide malware in developer coding challenges

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Leading space command home: Alabama native to direct fast‑track move to Huntsville

The move brings up to 1,800 jobs to Redstone Arsenal. A veteran with deep Alabama ties will oversee the transition.
InfoWorld

Last JavaScript-based TypeScript arrives in beta

TypeScript 6.0 is intended to be the last release based on the current JavaScript codebase, before a Go-based compiler and language service debuts in TypeScript 7.0.
Que.com on MSN

China-linked hackers deploy PeckBirdy JavaScript C2 framework since 2023

Since 2023, multiple security investigations have highlighted a growing trend in which China-linked threat actors ...

Why Birmingham banks and manufacturers should pay attention to Huntsville's space boom

Birmingham might not be known for its rockets, but it supplies the manufacturing, cybersecurity and financial muscle that ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.
The Register-Herald

How many feet are in 500 miles? Nobody knows, at least Nate Bargatze doesn't at the Daytona 500

Comedian Nate Bargatze served as the grand marshal for the Daytona 500. His “Big Dumb Eyes World Tour” set a record for ...
SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.

Iran meets UN nuclear watchdog ahead of U.S. talks

Iran’s top diplomat met with the head of the U.N. nuclear watchdog agency on Monday, ahead of a second round of negotiations ...
The Hacker News

APT36 and SideCopy Launch Cross-Platform RAT Campaigns Against Indian Entities

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...