Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

The FBI has issued a stark warning about a sophisticated cyber threat using fake websites and login pages to steal your money ...

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Cybersecurity roundup: supply chain threats, AI agent risks, browser-cloning malware, mule networks, endpoint bypasses, and ...

Microsoft discovered a self-spreading USB worm active since February that monitors clipboards for crypto wallets and routes stolen data through Tor.

Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

WhatsApp for Windows is a slow, RAM-hungry web wrapper. With Microsoft committed to WinUI, there's no excuse not to build a ...

Microsoft Threat Intelligence is warning Windows users about a cryptocurrency clipper strain of malware transmitted via USB drives. The malware, which has been affecting users since February, steals ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...