The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage ...
China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage campaign that recently switched to more sophisticated attack methods.
Hundreds of trojanized versions of well-known packages such as Zapier, ENS Domains, PostHog, and Postman have been planted in ...
Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity.
TamperedChef spreads through fake installers and SEO abuse, delivering a persistent JavaScript backdoor across multiple ...
Huntress finds three GootLoader infections since Oct 27, 2025; two led to domain controller compromise within 17 hours.
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...
A North Korea-linked hacking campaign hides advanced malware inside public JSON storage services during fake job tests.
Security researchers at Push Security are warning that Sneaky2FA, an advanced phishing-as-a-service (PhaaS) kit, has released ...
With its new browser-in-the-browser capability, the tool helps threat actors fool employees into giving up credentials.
Unpatched versions of Imunify360 AV expose hosting platforms that serve up to 56 million websites to possible full server ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback