The Hacker News

Microsoft Discloses DNS-Based ClickFix Attack Using Nslookup for Malware Staging

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery and RAT deployment.
SecurityWeek

Microsoft Warns of ClickFix Attack Abusing DNS Lookups

Microsoft has warned users that threat actors are leveraging a new variant of the ClickFix technique to deliver malware.
Computerworld

Exploit goes public for Windows DNS Server bug

A public exploit appeared just two days after Microsoft Corp. acknowledged a critical vulnerability in its server software, a change one security company said “greatly increases” the chances of a ...

New ClickFix attack abuses nslookup to retrieve PowerShell payload via DNS

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.
ZDNet

RPC DNS exploit can compromise your whole company

Companies that haven't applied the workarounds for the Microsoft DNS server flaw yet need to make it their top priority. This is NOT something that can wait for a planned weekly or monthly outage; the ...
CSOonline

Microsoft Windows Critical DNS Patch Still to Come

Microsoft hopes to fix by May 8 a critical flaw in Windows DNS servers that is being exploited by online criminals, the company said late Tuesday. Microsoft has been under pressure to address the flaw ...