New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

Microsoft has rolled out the Windows 11 February cumulative update, KB5077181, and early coverage paints it as a corrective release aimed at both security and day-to-day stability. Monthly rollups ...

Cybercriminals are now able to rent Malware-as-a-service and legally install malware on your PC. Learn how to identify these ...

In Vernor Vinge’s science fiction novel A Deepness in the Sky, one of the characters works as a software archaeologist, mining thousands of years of code and libraries to find the solutions to ...

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...