New phishing tactics are abusing trusted domains, real CAPTCHAs, and server-side email validation to selectively target ...

After extracting browser data and crypto wallet extension files, the malware gets the stolen information ready for encryption ...

By downloading what they believe is an AI-generated video, victims have installed malware that can steal their data or offer ...

Microsoft patches at least 70 security bugs and flagged five zero-days in the “exploitation detected” category.

Marbled Dust has been exploiting a vulnerability in user accounts associated with the Kurdish military operating in Iraq for ...

The Noodlophile malware harvests browser credentials, cryptocurrency wallet information and other sensitive data.

"Instead of relying on traditional phishing or cracked software sites, they build convincing AI-themed platforms – often ...

OtterCookie v3 has been found to incorporate a new upload module to send files matching a predefined set of extensions to the ...

Supply chain attack compromises the popular rand-user-agent scraping NPM package to deploy and activate a backdoor.

ECHO open source tool hijacks malware’s own update mechanisms to neutralize infections, offering a faster, scalable way to ...

An npm package named 'rand-user-agent' has been compromised in a supply chain attack to inject obfuscated code that activates ...