PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Enforcing continuous in-session protection across any browser on managed and unmanaged devices establishes Falcon Secure ...
Fortinet says the Ousaban trojan uses geofenced phishing PDFs and steganography to steal banking credentials from users in Spain and Portugal.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Installing a piece of code from NPM will no longer auto-run malware on the system, and won’t quietly pull malicious code from external repos unless the developer explicitly allows it. But this won’t ...
Researchers found attackers using fake CAPTCHA pages. Users should never run PowerShell or Windows commands requested by ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Microsoft says these 119 malicious extensions were downloaded a total of 2.6 million times since 2021.
The UK’s healthcare sector is being “stress-tested to breaking point," with a tenfold increase in attacks during January-May ...
The latest email threats: real Microsoft login phishing, device code scams with a kill switch, split-click attacks, and the ...
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.