Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...

An extension I used almost every day was bought by a new owner and loaded up with spyware. It happened in 2024, but Google ...

Honey-like affiliate hijack in question ...

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.

How can an extension change hands with no oversight?

A handy price tracker, ad blocker, AI chatbot, or any other extension can turn malicious overnight and secretly install malware. Security researchers have demonstrated that extensions can modify every ...