The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Something else to worry about.

It uses some of the oldest tricks in the book.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Iran-linked MuddyWater hackers breached U.S. networks with new Dindoor malware as regional cyber attacks escalate amid Middle East conflict.

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

The Arkanix infostealer combines LLM-assisted development with a malware-as-a-service model, using dual language implementations to maximize reach and establish persistence.

A bad actor used AI tools to compromise more than 600 FortiGate appliances around the world in five weeks, Amazon says, the latest example of how hackers are increasing are using the technology to ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...

Abstract: Malicious Python packages make software supply chains vulnerable by exploiting trust in open-source repositories like Python Package Index (PyPI). Lack of real-time behavioral monitoring ...