Learn how EvilTokens hides Microsoft 365 phishing behind browser-side decryption and how browser-level analysis helps SOC ...
Telegram Serverless lets developers deploy bot backends on Telegram's own infrastructure with a single tgcloud command, but ...
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to ...
The Jscrambler client-side web security company disclosed that a threat actor published a malicious version of its npm ...
Attackers created at least 292 fake GitHub repositories that impersonated developer tools and redirected users to ...
Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
NordLocker, the encrypted cloud storage service behind the creators of Nord Security, has announced the most significant architectural upgrade in its history. Codenamed ...
This week’s ThreatsDay Bulletin covers spyware-laced game cheats, fake installers, infostealer, ransomware, phishing kits, ...
New TELEPUZ malware spreads through ClickFix, then steals browser cookies, logs keystrokes, runs commands, and installs ...
A large-scale phishing operation has been observed disguising a malicious script as a TrueType font file (.tff). Using the ...
Stolen and leaked credentials lead to Node.js packages from AsyncAPI and Jscrambler Code Integrity being poisoned with ...