Feed aggregator

Article URL: https://voidsec.com/ai-vulnerability-research-fuzzer-era/

Comments URL: https://news.ycombinator.com/item?id=48110121

Points: 1

# Comments: 0

Researchers found that cybercriminals are using sponsored search results and shared Claude chats to lure victims into a typical ClickFix attack to install malware on macOS devices.

ClickFix is a social engineering method that tricks users into infecting their own device with malware. Users are instructed to run specific commands that will download malware, usually an infostealer.

The researchers found that when users search for terms like “Claude Mac download,” they may see sponsored Google results that appear to go to the legitimate claude.ai domain.

In reality, the ads resolve to real Claude shared chats, set up to look like official “Claude Code on Mac” or Apple Support guides. Independent research by BleepingComputer found another chat serving the same purpose. The chat instructs victims to open Terminal and paste a base64‑encoded command, which pulls a loader shell script from attacker‑controlled infrastructure and runs it in memory.

The script then profiles the system, pulls down a second-stage payload and runs it through osascript, macOS’s built-in scripting engine. This gives the attacker remote code execution (RCE) without ever dropping a traditional application or binary.

This results in a MacSync‑style payload that harvests browser credentials, cookies, Keychain contents, and crypto wallet data, bundles it, and sends all that information over HTTP to attacker servers.

How to stay safe

Users running macOS Tahoe 26.4 and later will see warnings about possible ClickFix attacks, but other users still have to rely on common sense.

With ClickFix running rampant and inventing new methods all the time, it’s important to stay aware, cautious, and protected.

• Slow down. Don’t rush to follow instructions on a webpage or prompt, especially if it asks you to run commands on your device or copy and paste code. Attackers rely on urgency to bypass your critical thinking, so be cautious of pages urging immediate action. Sophisticated ClickFix pages add countdowns, user counters, or other pressure tactics to make you act quickly.
• Avoid running commands or scripts from untrusted sources. Never run code or commands copied from websites, emails, or messages unless you trust the source and understand what the action does.
• Verify instructions independently. If a website tells you to execute a command or perform a technical action, check through official documentation or contact support before proceeding.
• Limit copy and paste for commands. Manually typing commands instead of copy and paste can reduce the risk of unknowingly running malicious payloads hidden in copied text.
• Secure your devices. Use an up-to-date, real-time anti-malware solution with web protection. Malwarebytes blocks connections to unsafe sites like these.
  
• Educate yourself on evolving attack techniques. Understanding that attacks may come from unexpected places helps maintain vigilance. Keep reading our blog!
• Stay away from sponsored ads in search results. Anyone can buy them and make them look legitimate.

Pro tip: The free Malwarebytes Browser Guard extension warns you when a website tries to copy something to your clipboard.

Stop threats before they can do any harm.

Malwarebytes Browser Guard blocks phishing pages and malicious sites automatically. Free, one click to install. Add it to your browser →

The startup will invest in accelerating product development, hiring new talent, and expanding its customer base.

The post White Circle Raises $11 Million for AI Control Platform appeared first on SecurityWeek.

A recent county court judgment ruled in favour of a plaintiff who sued certain social media companies for damaging her mental health by addictive design practices. What does this mean for the future of social media and online platforms?

Article URL: https://blog.appliedcomputing.io/p/all-the-ways-to-mock-your-rust-code

Comments URL: https://news.ycombinator.com/item?id=48109620

Points: 1

# Comments: 0

Article URL: https://adola.app/

Comments URL: https://news.ycombinator.com/item?id=48109600

Points: 2

# Comments: 0

Article URL: https://nltimes.nl/2026/05/12/europe-soon-get-new-platform-book-train-tickets

Comments URL: https://news.ycombinator.com/item?id=48109593

Points: 1

# Comments: 0

Article URL: https://pxlnv.com/linklog/times-poilievre-fabricated-quote/

Comments URL: https://news.ycombinator.com/item?id=48109588

Points: 2

# Comments: 0

Article URL: https://blog.ptidej.net/multilingual-ambiguity/

Comments URL: https://news.ycombinator.com/item?id=48109578

Points: 1

# Comments: 0

Article URL: https://inessential.com/2026/02/18/why-not-objective-c.html

Comments URL: https://news.ycombinator.com/item?id=48109568

Points: 1

# Comments: 0

Article URL: https://www.nature.com/articles/d41586-026-01521-9

Comments URL: https://news.ycombinator.com/item?id=48109565

Points: 2

# Comments: 0

Article URL: https://twitter.com/paulg/status/1907528478855201096

Comments URL: https://news.ycombinator.com/item?id=48109549

Points: 1

# Comments: 0

Article URL: https://froginawell.net/frog/2026/05/want-to-ai-proof-your-degree-study-history/

Comments URL: https://news.ycombinator.com/item?id=48109543

Points: 1

# Comments: 0

Article URL: https://readgrounded.com/episodes/001-golden-sphere/

Comments URL: https://news.ycombinator.com/item?id=48109536

Points: 1

# Comments: 0

Article URL: https://www.cnn.com/2026/05/12/middleeast/report-sexual-violence-hamas-oct-7-attacks-intl

Comments URL: https://news.ycombinator.com/item?id=48109535

Points: 1

# Comments: 0

Article URL: https://www.epicfurious.com/

Comments URL: https://news.ycombinator.com/item?id=48109519

Points: 1

# Comments: 0

There are surprisingly not that much information on building a rate limiter where a web app has multiple instances running at the same time and needs a rate limiter.

Checking redis on each request is not an option since there are about billion requests daily.

Comments URL: https://news.ycombinator.com/item?id=48109509

Points: 2

# Comments: 0

Article URL: https://www.sciencedaily.com/releases/2026/05/260510030950.htm

Comments URL: https://news.ycombinator.com/item?id=48109497

Points: 2

# Comments: 0

Article URL: https://lgiu.org/south-koreas-housing-crisis-explained/

Comments URL: https://news.ycombinator.com/item?id=48109496

Points: 1

# Comments: 0