Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
Back in the late 1980s, using a computer required a lot of patience. In a time before cloud storage, fast internet, and multi ...
Researchers from Zscaler found a new malware campaign dubbed Edgecution.
SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
PSA: The widely used 7-Zip utility is once again affected by a potentially dangerous security vulnerability. The open-source file archiver can be exploited to execute malicious code by tricking users ...
A new threat actor is combining social engineering techniques, abuse of legitimate cloud infrastructure, and custom malware together to create what appears to be novel attack chain. Google Threat ...
In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...
Attackers behind a self-propagating malware campaign targeting Brazilian financial institutions have accelerated and upgraded their malicious activity, using artificial intelligence (AI) to spawn a ...
A recent investigation has revealed a phishing campaign that began with a simple Python-based infostealer but ultimately led to the deployment of PureRAT, a full-featured commodity remote access ...