Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

Phantom Stealer phishing targets banks with fileless malware and in-memory Windows process injection. The infostealer harvests credentials, cookies, financial data, screenshots, and cryptocurrency ...

Microsoft uncovered CryptoBandits malware that steals crypto wallets, hijacks clipboard data and uses Tor-based backdoors to ...

Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff. This attribution ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

Cybersecurity consultant Sergey Chubarov used a session on defending against intelligent threats to outline how AI is changing attack speed, scale and believability, with the most actionable guidance ...

ESET researchers analyzed the 2025 activity of Webworm, a China-aligned APT group that started out targeting organizations in Asia, but has recently shifted its focus to Europe. Even though this is ...

Threat researchers identified a malicious advertising campaign that redirects users to a fake Claude download page. The site delivers different payloads depending on the victim’s operating system, ...

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...

The Russian state-sponsored hacking group known as Turla has transformed its custom backdoor Kazuar into a modular peer-to-peer (P2P) botnet that's engineered for stealth and persistent access to ...