Claude Code bypasses security controls by acting locally before monitoring, exposing data risks and audit gaps.

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data.

During tax season, threat actors reliably take advantage of the urgency and familiarity of time-sensitive emails, including ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Hundreds of GitHub repositories seemingly offering “free game cheats” deliver malware, including the Vidar infostealer, ...

Legacy DOC files risk corruption, hide malware, and slow modern collaboration—DOCX solves all three with modular XML design.

Six security teams shipped six OpenClaw defense tools in 14 days. Three attack surfaces survived: runtime semantic ...

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy ...

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Ransomware hackers exploited a flaw with a maximum vulnerability score in Cisco firewall management software weeks before the ...

A Steam update for Robocop Rogue City replaced the shooter with a separate build of a 'Hunter' game, which was then swiftly removed again.