A new attack technique dubbed HalluSquatting turns AI assistants’ tendency to hallucinate into a scalable infection vector.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational ...
Socket found a compromised Injective npm package stealing wallet keys amid rising crypto supply chain attacks.
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
a laptop screen with a webpage of the IT Army of Ukraine group of volunteer hackers. The IT Army of Ukraine first set up in the wake of Russia's devastating attack, and has since hugely grown in ...
EXCLUSIVE There's no honor among thieves as a new worm steals from other infectious software. It pilfers “multiple” victims’ ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
Armored Likho, a new APT group using AI-generated malware and the BusySnake Stealer to target government agencies and power ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...