A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...

CISA, the US government agency whose entire job is keeping America’s critical infrastructure safe from hackers, has had a ...

Your browser is more than just another app—it's your gateway to the web. We break down the strengths and weaknesses of today's top browsers to help you find the best fit for your needs.

Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...

Firefox 151.0.2 fixes Split View bugs, Windows crashes, caching problems, and several website rendering issues.

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.

Explore our detailed Claude AI review, highlighting its features, performance, and user experience. Make an informed choice ...

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.