Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Attackers are now exploiting a maximum-severity Adobe ColdFusion vulnerability tracked as CVE-2026-48282, according to ...
Infosecurity spoke with the researcher who dumped over 30 proof-of-concept exploits without disclosing the vulnerabilities ...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories ...
Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
The following include a list of pentest tools available across the web. Many are free and even open source, others are premium tools and require a monthly or yearly subscription. We’ll note when ...