Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into ...

What 5 Million Apps Revealed About Secrets in JavaScript

Leaked API keys are nothing new, but the scale of the problem in front-end code has been largely a mystery - until now. Intruder's research team built a new secrets detection method and scanned 5 ...

Nearly 20m views: Bodycam shows dozens of shirtless pledges in Iowa frat basement

Disturbing video of an alleged 2024 hazing incident at the University of Iowa's Alpha Delta Phi fraternity is now going viral after it is posted to YouTube and ...

These Malicious AI Assistants in Chrome Are Stealing User Credentials

Attackers are impersonating ChatGPT, Gemini, and Grok.