A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially ...
GitHub enforces FIDO 2FA and seven-day token limits after Shai-Hulud npm attack to boost supply chain security.
A malicious npm package named Fezbox has been found using an unusual technique to conceal harmful code. The package employs a ...
We’ve all heard of Gen AI being used to craft bodies of convincing phishing emails, however Microsoft researchers have now discovered a campaign in which threat actors took AI use in phishing a step ...
ESET researchers reveal how malware operators collaborate with covert North Korean IT workers, posing a threat to both headhunters and job seekers.
Newly discovered npm package 'fezbox' employs QR codes to hide a second-stage payload to steal cookies from a user's web browser. The package, masquerading as a utility library, leverages this ...
North Korea’s Contagious Interview spreads AkdoorTea and TsunamiKit to steal crypto and infiltrate global developers.
The end of the decade-long nuclear deal originally agreed by Iran, Britain, Germany, France, the United States, Russia and ...
A massive phishing campaign targeted GitHub users with cryptocurrency drainers, delivered via fake invitations to the Y ...
North Korean hackers are intensifying their global campaign against cryptocurrency and Web3 developers, using a new backdoor ...
North Korean-linked crews connected to the pervasive IT worker scams have upped their malware game, using more advanced tools ...
A fake police alert is the social engineering cornerstone of an ongoing phishing campaign targeting Ukrainian government ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback