A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Hackers use credentials stolen in the GlassWorm campaign to access GitHub accounts and inject malware into Python repositories.

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows ...

PCWorld reports that hackers are using fake CAPTCHA pages to trick users into installing malware through deceptive keyboard shortcuts. The scam instructs users to press Windows key + R, Ctrl + V, and ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Malicious AI browser extensions posing as helpful assistants harvested ChatGPT and DeepSeek chat data from nearly 900,000 users, Microsoft says.

Hackers are using malvertising campaigns to disguise infostealers as AI tools.

The “headquarters” of a scam ring located along the Cambodia–Thailand border was recently dismantled by authorities. Images from the site show that the suspects invested heavily to turn their ...