Researchers from Zscaler found a new malware campaign dubbed Edgecution.
A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
When Windows fails, this tiny USB drive takes over.
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
PSA: The widely used 7-Zip utility is once again affected by a potentially dangerous security vulnerability. The open-source file archiver can be exploited to execute malicious code by tricking users ...
In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...
This project is now archived. It has been succedded by Hitrava which performs the same job but better. N.B. Huawei have caught onto us, and you now need a rooted phone to be able to use this method.
Attackers behind a self-propagating malware campaign targeting Brazilian financial institutions have accelerated and upgraded their malicious activity, using artificial intelligence (AI) to spawn a ...
A recent investigation has revealed a phishing campaign that began with a simple Python-based infostealer but ultimately led to the deployment of PureRAT, a full-featured commodity remote access ...