The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

OpenClaw developers targeted by sophisticated phishing scam using fake $CLAW token giveaways on GitHub. Learn how attackers ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

Interlock exploits CVE-2026-20131 zero-day since Jan 26, enabling root access on Cisco FMC, increasing ransomware risks.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

The DarkSword iOS exploit chain was used by the Russian APT behind the Coruna exploit in attacks targeting Ukraine.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google has pushed out an emergency Chrome update to fix two previously unknown ...

A violent extremist attack against Canada’s Jewish community is a “realistic possibility” in the next six months, the federal Integrated Threat Assessment Centre warns in a report obtained by The ...

Sir John Major has attacked Donald Trump over the Iran war and accused Sir Keir Starmer of a "demeaning" policy of "tiptoeing ...

Polyfill supply chain attack that hit more than 100,000 websites has now been linked to North Korean threat actors.