The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
Residents at the Walker County Hospital District Board of Managers' June meeting accused the board of hiding its true ...
The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...
Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...
Microsoft Threat Intelligence is warning Windows users about a cryptocurrency clipper strain of malware transmitted via USB drives. The malware, which has been affecting users since February, steals ...
Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based code analysis systems into overlooking malicious payloads. Threat actors ...
GitHub disabled 73 Microsoft repositories after a Miasma supply chain attack. Malicious commits targeted AI coding tools, VS Code, and developer workstations. Developers should rotate credentials if ...
A fresh wave of phishing emails is exploiting a blind spot in enterprise email security tools — one that most organizations have not closed — by disguising executable JavaScript inside SVG image files ...
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...
The Australian Cyber Security Centre (ACSC) has stepped in to warn users of an active attack campaign targeting Windows users with Vidar Stealer malware, which is delivered through the so-called ...
- Obfuscated JavaScript creates a WebSocket backdoor using dynamically executed JavaScript. - The WebSocket sends an obfuscated JavaScript payload to inject a credit card skimmer into the webpage. - ...
Editor's take: Microsoft has increasingly turned Windows Update into a point of frustration for some users, all while cybercriminals continue to exploit weaknesses in the Windows platform to deploy ...