Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted ...
Learn how EvilTokens hides Microsoft 365 phishing behind browser-side decryption and how browser-level analysis helps SOC ...
North Korean hackers are targeting open source software developers with a backdoor and an information stealer as part of a ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
A practitioner's breakdown of the CSRF attack: how the forged request works, two documented exploits, a manual test, and the ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
North Korean threat actors are escalating the PolinRider supply chain attack across Go, Packagist, and npm package ...
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.