The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage ...
China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods.
Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.
Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
TamperedChef spreads through fake installers and SEO abuse, delivering a persistent JavaScript backdoor across multiple ...
The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...
Cryptopolitan on MSN
3 VS Code extensions stealing credentials for GitHub, VSX, and crypto wallets
Developers will have to contend with a dormant turned active malicious code on Visual Studio Code (VS Code) extensions, which is believed to have compromised ...
With its new browser-in-the-browser capability, the tool helps threat actors fool employees into giving up credentials.
The GlassWorm malware campaign, which impacted the OpenVSX and Visual Studio Code marketplaces last month, has returned with ...
A North Korea-linked hacking campaign hides advanced malware inside public JSON storage services during fake job tests.
Security researchers at Push Security are warning that Sneaky2FA, an advanced phishing-as-a-service (PhaaS) kit, has released ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback