ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
IntroductionIn March 2026, Zscaler ThreatLabz observed multiple instances of typosquatting domains hosting malicious content generated with AI-powered website creation tools. Threat actors are ...
A single pipeline replaced fourteen lines and I never looked back.
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...
Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Microsoft reports a Windows clipper malware campaign using USB-delivered LNK files and Tor-based C2 since Feb 2026, stealing ...
Researchers tracked a seven-week campaign that leveraged trusted platforms and AI-generated trust to trick users into ...
Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...
In addition to executing entirely in memory, the malware's infection chain incorporates other anti-analysis techniques ...
An urgent alert has been issued to millions of Windows users after the discovery of a new scam that offers Office and Spotify ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results