Breaking News – Cyber Threats (last 6h)
Generated: 2026-02-15 12:00 PST
- CTM360: Lumma Stealer and Ninja Browser malware campaign abusing Google Groups
BleepingComputer • 2026-02-15 08:30 • www.bleepingcomputer.com
CTM360 reports 4,000+ malicious Google Groups and 3,500+ Google-hosted URLs used to spread the Lumma Stealer infostealing malware and a trojanized “Ninja Browser.” The report details how attackers abuse trusted Google services to steal credentials and maintain persistence across Windows and Linux systems. […]
https://www.bleepingcomputer.com/news/security/ctm360-lumma-stealer-and-ninja-browser-malware-campaign-abusing-google-groups/ - Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps
BleepingComputer • 2026-02-15 07:17 • www.bleepingcomputer.com
Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to hijack Bitcoin swap transactions and redirect funds to attacker-controlled wallets. […]
https://www.bleepingcomputer.com/news/security/pastebin-comments-push-clickfix-javascript-attack-to-hijack-crypto-swaps/ - Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging
The Hacker News • 2026-02-15 06:10 • thehackernews.com
Microsoft has disclosed details of a new version of the ClickFix social engineering tactic in which the attackers trick unsuspecting users into running commands that carry out a Domain Name System (DNS) lookup to retrieve the next-stage payload.
Specifically, the attack relies on using the “nslookup” (short for nameserver lookup) command to execute a custom DNS lookup triggered via the Windows
https://thehackernews.com/2026/02/microsoft-discloses-dns-based-clickfix.html
Sources: BleepingComputer, The Hacker News, KrebsOnSecurity, SANS ISC, CISA.
