Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Microsoft on Monday warned of phishing campaigns that employ phishing emails and OAuth URL redirection mechanisms to bypass conventional phishing defenses implemented in email and browsers. The ...

Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ...

OpenAI has launched the Codex app for Windows, a desktop tool that lets developers run multiple AI coding agents, automate tasks and manage software projects directly from their PC ...

New malware spreads via fake GitHub downloads, stealing browser passwords, crypto wallets, Discord tokens, and credit card ...

BlackBox AI, a popular VS Code coding assistant, has a critical indirect prompt injection vulnerability. Hackers can exploit this to gain remote root access to a user’s computer.

OpenAI has released its Codex desktop app for Windows, adding a native sandbox and PowerShell support, enabling developers to ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT via 31 Vercel deployments.

Celebrate International Women’s Day by discovering the inspiring stories of Kerala's certified women snake rescuers ...

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...