VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

Google will start shipping fresh Chrome milestones every two weeks beginning with version 153 on Sept. 8, slicing its long-standing four-week cadence in half. The change spans desktop, Android, iOS, ...

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.

Researchers warn Iranian state-backed Seedworm hackers have infiltrated US–Israeli critical networks, raising fears of cyber attacks targeting US banking, airline, and tech sectors.

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Microsoft's Defender Security Research Team has identified a series of phishing campaigns in which an unknown attacker used digitally signed malware masked as common workplace applications to deploy ...

Mammoth Energy Services, Inc. (NASDAQ: TUSK) (“Mammoth” or the “Company”) today reported financial and operational results fo ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

A routine RDP brute-force alert led to unusual credential hunting and a geo-distributed VPN-linked infrastructure. Huntress Labs explains how one compromised login unraveled a suspected ...