DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...
Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...
Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...
Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...
PowerShell cross-platform limitations break Windows-only cmdlets, .NET dependencies, and Windows Forms GUIs on Linux. Dual booting and WinBoat enable Windows PowerShell compatibility but introduce ...
Windows security updates tend to conjure thoughts of operating system vulnerabilities, including zero-days, being patched or even unexpected failures with serious consequences. This security update, ...
Editor's take: Microsoft is doubling down on its plan to turn Windows 11 into an "agentic AI" platform, and in the process seems determined to strip away the last bits of user agency left in the OS.
Initial access broker Storm‑0249 has shifted from noisy, easily detected phishing attacks to highly targeted campaigns that are much harder to detect and stop. According to ReliaQuest, Storm-0249, ...
Aid groups involved in Ukraine’s war relief efforts and Ukrainian regional government administrations were targeted by a single-day spear phishing attack, a SentinelOne report has revealed. The ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results