A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

SlowMist indicated that in a surge of interest surrounding open-source AI agent framework OpenClaw, its repository, ClawHub, has become hotspot.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

This article provides a technical analysis of proteomics data formats, exploring mzML, mzIdentML, and the evolution of ...

A large-scale macOS malware campaign is spreading through sponsored Google search results and trusted online platforms. More ...

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

Background In early 2026, OpenClaw (formerly known as Clawdbot and Moltbot), an open-source autonomous AI agent project, quickly attracted global attention. As an automated intelligent application ...

Hackers are using hijacked Google ads to spread powerful Mac infostealer malware by impersonating popular macOS software downloads like 7-Zip and LibreOffice.

Security researchers warn of active attacks on SolarWinds Web Help Desk. Malicious actors are exploiting vulnerabilities to infiltrate systems and then ...