New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations. Boto Cor-de-Rosa campaign tracks delivery success.

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...

Researchers uncovered a CrashFix campaign where a fake Chrome ad blocker crashes browsers to trick users into installing the ModeloRAT malware.

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

Your phone is so powerful. Let's put that power to good use.

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

Moltbot’s viral open-source AI assistant wowed users with automation power but sparked major security, privacy, and misuse concerns.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.

It's a great NAS with great hardware, but the lack of SSH access is frustrating.