Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

A Hong Kong court has ruled that two Tiananmen vigil activists have a case to answer over calls to “end one-party rule” in China in a subversion trial under the Beijing-imposed national security law.

Threat actors are sending physical letters pretending to be from Trezor and Ledger, makers of cryptocurrency hardware wallets, to trick users into submitting recovery phrases in crypto theft attacks.

A dubious link from a friend. A headline too sensational to be true. A video that seems fake but you can't be sure. As online ...

A new study from the Université de Montréal found that AI fake news detectors are far less reliable than advertised, ...

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.

The cyberattacks blend malvertising with a ClickFix-style technique that highlights risky behavior with AI coding assistants and command-line interfaces.

Fake videos and images depicting fake attacks and fake troops have racked up tens of millions of views on social media platforms in the nearly two weeks since the Iran war began.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.