SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...

SideCopy targeted Afghanistan's Finance Ministry with Xeno RAT via Pashto phishing lures, enabling espionage and system ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...

Gootloader JavaScript malware, commonly used to deliver ransomware, is back in action after a period of reduced activity. Since October 27, security shop Huntress says it has spotted three Gootloader ...

After a long hiatus, Gootloader is back to its old tricks When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. The Gootloader malware scam, which was ...

Ontinue warns of a newly observed phishing campaign leveraging Scalable Vector Graphics (SVG) files in redirect attacks that evade traditional detection. While considered harmless image formats, SVG ...

CISOs should warn HR staff not to be fooled by a new spear phishing campaign that contains job applications that include updated malware, and take steps to identify and block an improved backdoor.

Experts warn Tycoon2FA has gotten new obfuscation and evasion upgrades The platform is used to bypass MFA on Google and Microsoft accounts It is hugely popular among cybercriminals Tycoon2FA, an ...

Microsoft has removed two popular VSCode extensions, 'Material Theme – Free' and 'Material Theme Icons – Free,' from the Visual Studio Marketplace for allegedly containing malicious code. The two ...