Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

North Korea-linked Lazarus campaign spreads malicious npm and PyPI packages via fake crypto job offers, deploying RATs and data-stealing malware.

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine ...

Microsoft warns that Python-based infostealers are increasingly targeting macOS, harvesting sensitive data and challenging ...

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Gone are the days when Windows was always the number one target for cybercriminals - as new research has found macOS is ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

From Russian GRU operations to Chinese espionage campaigns, AI is transforming cyber warfare. But that change is a bit more nuanced ...

Now that Windows 10 is no longer supported, it's become a more attractive target for hackers. That doesn't mean you need to upgrade right away—here's how to stay protected. When the IBM PC was new, I ...