Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...
InfoQ

LinkedIn Leverages GitHub Actions, CodeQL, and Semgrep for Code Scanning

LinkedIn has rebuilt its static application security testing (SAST) pipeline using GitHub Actions and custom workflows, ...
Wired

Meta Is Blocking Links to ICE List on Facebook, Instagram, and Threads

Meta has started blocking its users from sharing links to ICE List, a website that has compiled the names of what it claims are Department of Homeland Security employees, a project the creators say is ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
The Hacker News

Microsoft Flags Multi-Stage AitM Phishing and BEC Attacks Targeting Energy Firms

Microsoft has warned of a multi‑stage adversary‑in‑the‑middle (AitM) phishing and business email compromise (BEC) campaign targeting multiple organizations in the energy sector. "The campaign abused ...
The Hollywood Reporter

Oscars: Full List of Nominations

'Sinners' leads the nominees with a record-breaking 16 mentions. By Hilary Lewis, Kimberly Nordyke Sinners leads the 2026 Oscar nominations with a record-breaking 16 noms, including best picture, best ...