China-linked APT24 hackers have been using a previously undocumented malware called BadAudio in a three-year espionage ...
The long-running Contagious Interview campaign is now hiding BeaverTail and InvisibleFerret payloads inside JSON storage services.
The economics of cybercrime have shifted dramatically. What once took skilled attackers weeks to reverse engineer can now be accomplished in hours using AI-powered analysis tools and automated systems ...
Socket’s Threat Research Team has outlined all the details.
The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious artifacts under GitHub’s own name.
With its new browser-in-the-browser capability, the tool helps threat actors fool employees into giving up credentials.
Sneaky 2FA adds BitB phishing and attackers exploit passkey flaws using rogue extensions and downgrade attacks.
Over the last month, Barracuda threat analysts have seen the following notable developments in email-based threats targeting organisations: New tools and tactics for the Tycoon 2FA phishing kit ...
The Gootloader malware scam, which was thought to have been disrupted and shut down in March 2025, has returned with both old, and new tricks, experts have warned.
A widely-adopted JavaScript library has been found carrying a critical vulnerability which could allow threat actors to execute malicious code, remotely. Security researcher Jangwoo Choe discovered an ...
Microsoft has announced plans to improve the security of Entra ID authentication by blocking unauthorized script injection ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback