With the ability to take control of distributed devices at scale, HalluSquatting has the potential to achieve various ...
Microsoft Threat Intelligence identified a large-scale npm supply chain attack affecting 32 maliciously modified packages across more than 90 versions under the @redhat-cloud-services npm scope. The ...
Monday’s recap shows the same pattern in different places. A third-party tool becomes a way in, then leads to internal access. A trusted download path is briefly swapped to deliver malware. Browser ...
The promise of autonomous AI agents is rapidly turning into a security beachhead for initial access. Our labs have detected a series of malicious campaigns targeting OpenClaw (formerly known as ...
Cybersecurity researchers have discovered a JScript-based command-and-control (C2) framework called PeckBirdy that has been put to use by China-aligned APT actors since 2023 to target multiple ...
December 2025 was a brutal reality check for security teams. While most were winding down for the holidays, threat actors weaponized a tectonic shift in the landscape, headlined by the “React2Shell” ...
Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...
Threat actors are using novel living-off-the-land (LOTL) tactics to better evade detection, according to HP Wolf’s Q2 2025 Threat Insights Report. These tactics include the growing use of multiple, ...
tty2web is a simple command line tool that turns your CLI tools into web applications. it is based on Gotty, but heavily improved. If you have a Go language environment, you can install tty2web with ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results