Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...

The Bitwarden CLI was briefly compromised after attackers uploaded a malicious @bitwarden/cli package to npm containing a credential-stealing payload capable of spreading to other projects.

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...

Imagine getting asked to do something by a person in authority. An unknown malware slinger targeting open source software ...

CISA has added eight more vulnerabilities to the KEV catalog, including Cisco, Kentico, and Zimbra flaws not previously ...

Hackers can now take over WordPress sites instantly using a simple plugin flaw ...