Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and ...

Who needs humans when a purported 1.5 million agents trade lobster memes and start their own religion? Moltbook, vibe-coded by Octane AI founder Matt Schlicht in a weekend (he cla ...

The FBI warned in 2023 that “thousands of skilled IT workers” were moving abroad from North Korea and setting up as freelance IT professionals, warning recruiters to be wary of remote workers who ...

Microsoft warns that Python-based infostealers are increasingly targeting macOS, harvesting sensitive data and challenging ...

Keeping up with the latest malware threats is a full-time job, and honestly, it’s getting pretty intense. From AI messing ...

Outlook add-in phishing, Chrome and Apple zero-days, BeyondTrust RCE, cloud botnets, AI-driven threats, ransomware activity, ...

Workforce monitoring software was abused in two cases of attempted ransomware attacks, researchers from Huntress found.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Cybercriminals are happy to target almost any industry where data can be stolen. In many cases, less prepared and less security-focused companies are simply easier targets. A recent ransomware attack ...