Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Wikipedia hit by self-propagating JavaScript worm that vandalized pages

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.
IEEE

ShadowNet: A Deceptive Active Directory Honeypot for Detecting Targeted Intrusions using Splunk

Abstract: Modern enterprise networks depend heavily on Active Directory (AD), making it a prime target for reconnaissance, credential theft, and lateral movement attacks. Traditional perimeter ...