The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, and Discord allows the threat actors to blend in with normal traffic and fly ...

It’s a cross-site scripting vulnerability present in open-source webmail platform Roundcube, and abuses a desanitization ...

The new malware exploits a weakness in Discord’s invitation system to deliver an information stealer known as Skuld and the ...

Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access ...

Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.

A new Rust‑ based info‑stealer called Myth Stealer spreads via fake gaming sites, targeting Chrome and Firefox credentials with loaders.

Unlike your typical Windows malware, bootkit malware targets your computer’s boot process which allows an attacker to gain ...

Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting ...

A hacker targets other hackers, gamers, and researchers with exploits, bots, and game cheats in source code hosted on GitHub ...

New malware campaign uses typo-squatting and fake developer packages to spread threats across Windows and Linux.

A new malware campaign using fake DocuSign verification pages to deploy the NetSupport Remote Access Trojan (RAT) has been ...