An attacker has been exploiting a zero-day vulnerability in Gogs, an open-source and popular Git service that allows for self ...
Security research firm Flare discovered over 10,000 Docker Hub images containing exposed secrets during a single month of ...
A new campaign involving 19 malicious Visual Studio Code extensions used a legitimate npm package to embed malware in ...
Researchers found malicious VS Code extensions and Go, npm, and Rust packages stealing developer data via hidden payloads and exfiltration.
We are either at the dawn of AI-driven malware that rewrites itself on the fly, or we are seeing vendors and threat actors exaggerate its capabilities. Recent Google and MIT Sloan reports reignited ...
A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence ...
The cybercrime-as-a-service model has a new product line, with malicious large language models built without ethical ...
A new twist on the social engineering tactic is making waves, combining SEO poisoning and legitimate AI domains to install ...
This week’s ThreatsDay Bulletin covers USB malware, fake crypto scams, CastleRAT, new cyber laws, and falling ransomware ...
Wiz has found threat actors exploiting GitHub tokens, giving them access to GitHub Action Secrets and, ultimately, cloud ...
No installs. No steep learning curve. Just a required Adobe sign-in to use Photoshop, Express, or Acrobat.
Two malicious Visual Studio Code extensions, Bitcoin Black and Codo AI, have been observed harvesting sensitive user data ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback