VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

Fake OpenClaw installers hosted in GitHub repositories and promoted by Microsoft Bing's AI-enhanced search feature instructed users to run commands that deployed information stealers and proxy malware ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Microsoft researchers found a ClickFix campaign that uses the nslookup tool to have users infect their own system with a Remote Access Trojan.

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...

Researchers have discovered a never-before-seen framework that infects Linux machines with a wide assortment of modules that are notable for the range of advanced capabilities they provide to ...

An emerging phishing campaign is exploiting a dangerous combination of legitimate Cloudflare services and open source Python tools to deliver the commodity AsyncRAT. The attack demonstrates threat ...

Browser extensions promise convenience. Many offer simple tools like new tab pages, translators or video helpers. Researchers, however, uncovered a long-running malware operation that abused that ...

Typing a web address directly into your browser feels harmless. In fact, it feels normal. But new research shows that a simple habit is now one of the riskiest things you can do online. A recent study ...