Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...

For several weeks now, multiple waves of fake GTA 6 betas have been circulating online, specifically targeting Windows and ...

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

OliveTin puts all my annoying server jobs behind browser buttons within easy reach.

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say.

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong ...

Attackers use fake Fortinet dialogs and social engineering to trick users into executing malware Cache smuggling hides malware in browser cache, bypassing download and PowerShell detection tools ...