North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users from legitimate sign‑in pages to attacker‑controlled infrastructure.

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

Malware can blend in with legitimate AI traffic, using popular AI tools as C2 infrastructure.

Mandiant, and partners disrupted a global espionage campaign attributed to a suspected Chinese threat actor that used SaaS API calls to hide malicious traffic in attacks targeting telecom and ...

It’s hard to believe that something nefarious can lie within a QR code, but it can. QR codes have become a convenience of modern life. Just scan the black and white mosaic with your phone’s camera and ...

APT28’s Operation MacroMaze used macro-laced documents and webhook.site to exfiltrate data across Europe from Sept 2025 to ...

Master WS-Federation for enterprise SSO. Learn how Passive Requestor Profiles bridge legacy ASP.NET, SharePoint, and ADFS ...

Hundreds of popular add‑ons used encrypted, URL‑sized payloads to send search queries, referrers, and timestamps to outside servers, in some cases tied to data brokers and unknown operators.

Check Point Research shows browsing-enabled AI chat can act as a malware relay, moving commands and data through normal-looking traffic. Microsoft urges defense-in-depth, while defenders may need ...

AI agents may work smarter than chatbots, but with tool access and memory, they can also leak data, loop endlessly or act ...