New FileFix attack uses cache smuggling to evade security software

A new variant of the FileFix social engineering attack uses cache smuggling to secretly download a malicious ZIP archive onto a victim's system and bypassing security software.
The Hacker News

Hackers Exploit WordPress Sites to Power Next-Gen ClickFix Phishing Attacks

Researchers expose new WordPress malware and ClickFix phishing kits exploiting cache smuggling for stealth attacks.
Infosecurity Magazine

Nezha Tool Used in New Cyber Campaign Targeting Web Applications

A cyber campaign using Nezha has been identified, targeting vulnerable web apps with PHP web shells and Ghost RAT ...