Security researchers detected artificial intelligence-generated malware exploiting the React2Shell vulnerability, allowing ...

A surge in LummaStealer infections has been observed, driven by social engineering campaigns leveraging the ClickFix technique to deliver the CastleLoader malware.

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...

Attackers have uploaded over 300 malicious skills to OpenClaw's AI marketplace, turning it into a malware delivery system ...

Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX ...

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Cloud collaboration, macro security, and new tools like Office Scripts, Power Query, and Python are pushing VBA to the margins.

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware. The ...