Threat actors leverage DNS queries in ClickFix malware delivery technique

Microsoft has observed a novel variation that replaces traditional HTTP-based payload delivery with DNS lookups.

Latest Security News

View Archive →

Security News

The flaw, tracked as CVE-2026-2441, is the first Chrome zero-day patched since the beginning of the year.

February 16, 2026 3 min read

Security News

The campaign uses basic tooling and legitimate web services to blend malicious activity with normal traffic.

February 16, 2026 3 min read

Security News

GTIG says that the group is less sophisticated and less resourced than other Russian threat actors.

February 16, 2026 3 min read

Security News

In brief: Microsoft, Apple, and Fortinet fix zero-days, SolarWinds and Ivanti flaws exploited by hackers, and more.

🕒 February 13, 2026 • 22 min read

Security News

GreyNoise said it recorded 417 exploitation sessions from eight unique source IP addresses between February 1 and 9, 2026.

🕒 February 12, 2026 • 4 min read

Security News

The company also noted that two previously disclosed flaws, CVE-2025-14174 and CVE-2025-43529, were exploited in the same incidents.

🕒 February 12, 2026 • 2 min read