An attack targeting the Node.js ecosystem was just identified — but not before it compromised 18 npm packages that account ...

The malware was found in 18 npm packages that together are usually downloaded over 2 billion times per week. But the security ...

Hackers are sharing malicious SVG files which spoof real-life websites in order to trick victims into downloading damaging ...

Macworld Jamf Threat Labs has released a new report on Mac malware. Dubbed ChillyHell, the malware was first discovered in ...

Cybercriminals use fake troubleshooting websites to trick Mac users into running terminal commands that install Shamos malware through ClickFix tactics.

The malware tricks IT personnel into downloading malicious GitHub Desktop installers with GPU-gated decryption targeting ...

MostereRAT phishing campaign targets Japanese users with advanced evasion tactics, disabling defenses and stealing data.

Bad actors are using GitHub's repository structure and paid Google Ads placements to trick EU IT users into downloading a unique malware dubbed "GPUGate" that includes new hardware-specific evasion ...

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.

In a supply chain attack, attackers injected malware into NPM packages with over 2.6 billion weekly downloads after ...

That would be a big mistake. These codes can easily take you to any URL with a quick tap, and that's a dangerous access point ...

An escalating npm supply chain attack has compromised dozens of foundational JavaScript packages to spread malware and drain ...