Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

Romania’s Government Private Cloud, the largest critical digital infrastructure developed in the country, is entering the ...

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

Fix OneNote can't connect to the server, Sync will resume once we connect. You don't need to take any action. (0x803D0014 ...

Processing an ordinary-looking photograph could silently trigger malicious code on macOS systems due to a newly disclosed vulnerability in widely used metadata software, raising fresh concerns about ...

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...

Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy ...

Security researchers have uncovered a complex cyber operation targeting telecommunications infrastructure with newly identified malware tools. The campaign, active since 2024, focuses on telecom ...

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.