Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

Romania’s Government Private Cloud, the largest critical digital infrastructure developed in the country, is entering the ...

Fix OneNote can't connect to the server, Sync will resume once we connect. You don't need to take any action. (0x803D0014 ...

Microsoft reveals ClickFix campaign abusing Windows Terminal to deliver Lumma Stealer and steal browser credentials.

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.

Cheap infostealer quietly spreading through cybercrime markets ...

TrustConnect is back, this time used to deploy legitimate but weaponized RMM solutions.