Top Stories
Recent Posts
-

Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly…
-

CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that’s…
-

⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
Somewhere right now, a security tool is quietly finding bugs faster than…
-

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of…
-

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
Version 8.14.0 of the jscrambler npm package shipped with a malicious preinstall hook that silently drops…
-

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and…
-

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws
Details have emerged about three now-patched security flaws in the OpenClaw personal…
-

New MODBEACON RAT Uses gRPC Streaming for Encrypted C2 Traffic
The China-linked cybercrime group known as Silver Fox has been attributed to…
-

Exposed Hacker Server Reveals WP-SHELLSTORM Backdooring Thousands of WordPress Sites
A cybercrime crew left one of its own servers wide open on…
-

Unpatched XRING Flaw in XQUIC Lets Remote Clients Crash HTTP/3 Servers
A single wrong variable on one line in XQUIC, Alibaba’s QUIC and…

