OkoBot injects recovery phrase lures into Ledger and Trezor apps, targeting hundreds of Windows users across more than 25 ...
A fake GitHub repository campaign created hundreds of malicious projects that impersonated legitimate software and cybersecurity tools. The repositories directed users to deceptive download pages that ...
The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
Researchers reported the flaw to Cursor in December, but it still remains in the popular AI coding platform and can be used ...
An exposed attack server led Lexfo to three Microsoft 365 phishing operations using Evilginx and device code abuse to capture ...