DRILLAPP JavaScript backdoor targets Ukraine in Feb 2026, abusing Edge debugging features to spy via camera, microphone, and screen capture.

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

Powered by the TypesScript-native runtime Bun, Electrobun improves Electron with a smaller application footprint and built-in ...

Ocean Network links idle GPUs with AI workloads through a decentralized compute market and editor-based orchestration tools.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

House lawmakers were digging into Jeffrey Epstein’s sprawling financial portfolio Wednesday as a committee deposed his former ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

The Wikimedia Foundation suffered a security incident today after a self-propagating JavaScript worm began vandalizing pages and modifying user scripts across multiple wikis.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

The infamous GlassWorm malware has infected dozens more Open VSX software packages, according to new research.

The U.S. Department of Justice (DOJ) has begun releasing a large trove of documents related to convicted sex offender Jeffrey Epstein and his associates. The DOJ’s online archive, the Epstein library, ...