CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

A new variation of the fake recruiter campaign from North Korean threat actors is targeting JavaScript and Python developers ...

Pakistan-aligned APT36 and SideCopy target Indian defense and government entities using phishing-delivered RAT malware across Windows and Linux system ...

Microsoft, Huntress, and Intego this month detailed attacks that show the ongoing evolution of the highly popular compromise technique.

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

Microsoft researchers found a ClickFix campaign that uses the nslookup tool to have users infect their own system with a Remote Access Trojan.

Researchers have revealed that bad actors are targeting dYdX and using malicious packages to empty its user wallets.

India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).

Microsoft has warned users that threat actors are leveraging a new variant of the ClickFix technique to deliver malware.

Open source packages published on the npm and PyPI repositories were laced with code that stole wallet credentials from dYdX developers and backend systems and, in some cases, backdoored devices, ...

I’m always raving about all the wildlife and outdoor adventures we have here in Kansas, but much like an inverse bucket list, ...