In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...

Infosecurity spoke to several experts to explore what CISOs should do to contain the viral AI agent tool’s security vulnerabilities ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Today is Microsoft's March 2026 Patch Tuesday with security updates for 79 flaws, including 2 publicly disclosed zero-day ...

Something else to worry about.

The South Florida Water Management District is in its second year of managing a Python Removal Program. Winners win cash ...

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.