A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...
Malware continues to evolve, becoming more sophisticated and harder to detect. One of the most challenging types is polymorphic malware — malicious software that constantly changes its code to evade ...
Mobile platforms operate under fundamentally different trust assumptions than those we relied on for web security. Your mobile ...
A hacker jailbroke Claude to steal 150GB of Mexican government data in a month-long campaign. CrowdStrike's latest threat report shows it's part of a wider pattern — and maps four domains most ...
Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...
Developers Can Now Search, Analyze, and Secure PHP Dependencies with AI-Powered Supply Chain Protection. It would be ...
The npm registry now includes Socket security analysis links directly on package pages to help developers assess supply chain risks.
Blockchain investigator ZachXBT said a senior employee at onchain trading platform Axiom Exchange allegedly misused internal ...
This week, Finland's Aleksanteri Kivimäki sentenced. ShinyHunters breaches. Laptop farm rancher sentenced. Oregon state ...
A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.
Introduction: In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...