Belgian authorities arrested a 19-year-old suspected of playing a key role in a European phishing and money-laundering network that stole more than 500,000 ...
Malicious npm packages mimicking Rollup polyfill tooling steal browser data, crypto wallets, and AI tool credentials in a Lazarus-linked campaign.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
Alibaba will bar staff from using Anthropic's Claude Code from July 10 over an alleged backdoor, a source says, amid a wider Claude-Qwen dispute.
Kaspersky reports ToddyCat’s Umbrij abuses headless Chromium and OAuth flows to extract Gmail authorization codes, enabling ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
In April, according to a Department of Justice press releaseOpens a new window , two U.S. citizens were sentenced to seven ...
Through targeted, company-specific actions, the US government has taken the unprecedented step of extending export controls to both ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
The effort to make identity more trustworthy may therefore expand the surveillance capabilities built into ordinary ...