Top Stories
Recent Posts
-

Grok Build Uploaded Entire Git Repositories to xAI Storage, Not Just Files It Read
xAI’s Grok Build coding CLI was uploading entire Git repositories, full commit…
-

U.S. Sanctions First VPN Service and Malware Cryptor Seller Over Ransomware Support
The U.S. Treasury Department’s Office of Foreign Assets Control (OFAC) has designated…
-

Microsoft Maps Year-Long ShinyHunters-Linked Salesforce Data Theft Across Three Paths
Attackers whose methods line up with the data-extortion group ShinyHunters have spent…
-

Google and Microsoft Pull ModHeader With 1.6 Million Installs After Dormant Collector Found
Google and Microsoft have pulled ModHeader, a popular header-editing extension with roughly…
-

CrashStealer macOS Malware Uses Notarized Dropper to Pass Gatekeeper Checks
Cybersecurity researchers have flagged a new macOS information stealer called CrashStealer that’s…
-

⚡ Weekly Recap: ShareFile Threat, Citrix Bleed 2 Ransomware, AI Coding Attacks, and More
Somewhere right now, a security tool is quietly finding bugs faster than…
-

Forg365 PhaaS Targets Microsoft 365 with Device Code and AitM Session Theft
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of…
-

Compromised jscrambler 8.14.0 npm Release Drops Rust Infostealer During Install
Version 8.14.0 of the jscrambler npm package shipped with a malicious preinstall hook that silently drops…
-

Injective Labs GitHub Compromise Pushes Wallet-Key-Stealing npm Packages
Unknown threat actors compromised the Injective Labs SDK project’s GitHub repository and…
-

Researcher Details WhatsApp-to-Host Attack Chain Using Three OpenClaw Flaws
Details have emerged about three now-patched security flaws in the OpenClaw personal…

