ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

In recent months, Microsoft Threat Intelligence identified email campaigns using lures around W-2, tax forms, or similar ...

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the networking giant disclosed the ...

Claude Code bypasses security controls by acting locally before monitoring, exposing data risks and audit gaps.

The digital battlefield is shifting. For decades, the fight between security software and malicious code was a game of ...

Romania’s Government Private Cloud, the largest critical digital infrastructure developed in the country, is entering the ...

Fix OneNote can't connect to the server, Sync will resume once we connect. You don't need to take any action. (0x803D0014 ...

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.