How to Spot a Browser-in-the-Browser Phishing Attack

One particularly sneaky scam is a browser-in-the-browser (BitB) attack, in which threat actors create a fake browser window that looks like a trusted single sign-on (SSO) login page within a real ...

Fake Windows update pushes malware in new ClickFix attack

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and ...

Kali Linux 2025.4 released with 3 new tools, desktop updates

Kali Linux has released version 2025.4, its final update of the year, introducing three new tools, desktop environment improvements, and enhanced Wayland support.
Techlicious

Microsoft Security Update Patches Flaw Hackers Are Already Exploiting

You shouldn’t delay those Windows updates anymore. It patches one flaw hackers are already taking advantage of and two others they know about.

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...