The Computer Emergencies Response Team of Ukraine (CERT-UA) has disclosed details of a new campaign that has targeted ...

Cargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Security researchers have detected a “sharp rise” in brute-force attempts to hijack SonicWall and Fortinet devices, with the ...

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

Microsoft has deprecated and removed the Support and Recovery Assistant (SaRA) command-line utility from all in-support ...

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Microsoft’s CA-2023 Secure Boot update broke PCs. Learn why UEFI firmware failed, how vendors reacted, and how to fix your boot issues.

This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...

A newly uncovered malware campaign is combining ClickFix delivery with AI generated evasion techniques to steal enterprise user accounts and passwords. The attacks are designed to provide intruders ...

The CPU-Z And HWMonitor installers being compromised is notable because a user could do everything correctly and still get pwned.

An attacker compromised the npm account of a lead Axios maintainer on March 30, and used it to publish two malicious versions of the widely used JavaScript HTTP client library.