Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...
Today is Microsoft's June 2026 Patch Tuesday, with security updates for 200 flaws, including five publicly disclosed zero-day ...
Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...
The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...
Microsoft has finally acknowledged that a default action in Windows 11 versions 25H2 and 24H2 disrupted a key legacy ...
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Google has released emergency updates to patch another Chrome zero-day vulnerability that has been exploited in the wild, the ...
There's another likely North Korean-linked scam hitting developers and their employers, while snarfing up credentials and ...
Based“Crypto Clipper” Malware Spread. Microsoft Threat Intelligence has issued a warning to Windows users about a ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results