ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
Infostealers continue to be some of the most pervasive and impactful threats across the cybercrime ecosystem. They play a central role in intrusions, silently harvesting passwords, cookies, and ...
Cybersecurity researchers have flagged multiple ClickFix campaigns that deliver three malware loaders called BabaDeda Loader, Lorem Ipsum Loader, and Potemkin, per independent reports from Morphisec, ...
A threat actor has been caught using AI-generated malware in a real network intrusion, deploying a PowerShell script that an ...
description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...
This week’s threat list looks painfully familiar: abused integrations, fake tools, poisoned websites, ransomware crews trying to shut down security tools, and mobile malware asking for way too much ...
Anthropic accuses Alibaba of using 25,000 fake accounts to scrape Claude AI The alleged campaign generated 28.8 million queries in a large-scale model-extraction effort to replicate AI capabilities.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results