A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Your browser is more than just another app—it's your gateway to the web. We break down the strengths and weaknesses of today's top browsers to help you find the best fit for your needs.

Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.

The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

We live in a time of wonder and magic. I just used Google AI Studio to create a full-featured Markdown editor and it's ...

It is the middle of the day and as shoppers buy their groceries a man rides a moped inside a Co-op store. As he emerges ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

A fake Claude code installer can successfully exfiltrate decrypted cookies, passwords and payment methods from Chromium browsers. Here's how.

Cybersecurity experts are warning about a rising 'ClickFix' scam that disguises itself as a routine CAPTCHA check but tricks users into executing malicious commands. The attack installs ...