The campaign spans npm, Packagist, Go, and Chrome, using obfuscated JavaScript loaders and VS Code tasks to deliver malware.
Chrome vs. Edge vs. Firefox: I tested each browser's AI, but I'm only sticking with one ...
It's not Half-Life 3 but it's something.
Jamf says the Rust-based PamStealer targets Apple Silicon Macs, steals browser, wallet, Keychain, and clipboard data, and persists.
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
A new Mac infostealer dubbed PamStealer impersonates the open-source Maccy clipboard manager to steal passwords and more.
A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...
Learn how websites detect VPNs through IP reputation, DNS leaks, WebRTC, and browser fingerprints—and seven practical ways to reduce tracking.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Researchers found attackers using fake CAPTCHA pages. Users should never run PowerShell or Windows commands requested by ...
Lazarus Group concealed a four-module remote access toolkit inside six fake npm Rollup polyfill packages that fired at import ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.