New Clickfix variant ‘CrashFix’ deploying Python Remote Access Trojan

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into executing malicious commands under the pretext of restoring normal functionality. This variant...

AsyncRAT Campaign Uses Python Payloads and TryCloudflare Tunnels for Stealth Attacks

A malware campaign has been observed delivering a remote access trojan RAT named AsyncRAT by making use of Python payloads and TryCloudflare tunnels. "AsyncRAT is a remote access trojan RAT that exploits the async/await pattern for efficient, asynchronous communication," Forcepoint X-Labs...

Office for Mac Macro Payload Generator: MacPhish

Attack vectors There are 4 attack vectors available: beacon creds meterpreter meterpreter-grant For the ‘creds’ method, macphish can generate the Applescript script directly, in case you need to run it from a shell. beacon On execution, this payload will signal our listening host and provide basi...