The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible ...

OpenClaw developers targeted by sophisticated phishing scam using fake $CLAW token giveaways on GitHub. Learn how attackers ...

Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has ...

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

Magecart hides payload in favicon EXIF via third-party scripts, bypassing static analysis and stealing checkout data at ...

Polyfill supply chain attack that hit more than 100,000 websites has now been linked to North Korean threat actors.

Sir John Major has attacked Donald Trump over the Iran war and accused Sir Keir Starmer of a "demeaning" policy of "tiptoeing ...

The Tycoon 2FA phishing platform’s operations have been largely unaffected by the recent law enforcement takedown attempt.

The AMMKS has issued an urgent appeal to the central and Maharashtra government to intervene in the mounting fuel pricing ...