The Microsoft Binlog MCP Server enables AI-powered build failure diagnosis, property tracing, performance analysis, and build ...
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware ...
Opera GX patched a flaw that let malicious sites silently install GX Mods and leak a signed-in user’s Gmail address with CSS.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.
JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
StegoAd Microsoft Edge extensions malware affected up to 2.6 million users after the company removed 119 add-ons that hid ...
The FOSS well apparently never runs dry—here’s the next round of this roundup.