ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies into hiring North Koreans.

GhostClaw poses as an OpenClaw installer package, stealing system credentials and sensitive data before deploying a persistent RAT.

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress ...

Anthropic’s Claude Opus 4.6 AI found 22 Firefox vulnerabilities, including 14 high severity, helping Mozilla patch flaws in Firefox 148.

A malicious npm package disguised as a legitimate AI tool to install the virally popular OpenClaw, but designed to steal system passwords and crypto wallets, has been identified by cybersecurity ...

A flurry of well-timed bets and anonymous on Polymarket right before the U.S. strike on Iran shows the need for reform.

YouTube's AI deepfake detection tool is becoming available to politicians, journalists, and officials, letting them flag unauthorized likenesses for removal.

Social media companies are under pressure to crack down on so-called deepfake videos that use deceptive images of real people.