Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Security teams are grappling with a major supply chain attack on Axios, a popular JavaScript library with over 100 million ...

I have eight years of experience covering Android, with a focus on apps, features, and platform updates. I love looking at ...

GlassWorm uses a fake WakaTime VS Code extension to infect IDEs, deploy RATs, and steal data, prompting urgent credential ...

Seal Security today announced the Mythos Readiness Program, a limited-availability initiative for enterprises that are not part of Anthropic's private Project Glasswing review of Claude Mythos Preview ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

A supply-chain attack backdoored versions of Axios, a popular JavaScript library that's present in many different software packages, to distribute a cross-platform, ...

Adobe has released an emergency security update for Acrobat Reader to fix a vulnerability, tracked as CVE-2026-34621, that ...

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...