Weedhack malware targets Minecraft players via YouTube and SEO poisoning since Jan 2026, enabling credential theft and remote ...
A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...
The PureLogs module targeted a wide range of browsers, including Google Chrome, Microsoft Edge, Brave, Opera, Yandex Browser, ...
Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...
Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.
Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...
A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say.
A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...
A sneaky IAB operation uses a malicious traffic distribution system (TDS) to redirect visitors of trusted websites to ones ...
Cryptopolitan on MSN
North Korea’s Lazarus turns to fileless malware in new crypto attacks
Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results