Microsoft Threat Intelligence is warning Windows users about a cryptocurrency clipper strain of malware transmitted via USB drives. The malware, which has been affecting users since February, steals ...
A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...
Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim to deliver data stealing malware to devices running on Microsoft Windows.
Editor's take: Microsoft has increasingly turned Windows Update into a point of frustration for some users, all while cybercriminals continue to exploit weaknesses in the Windows platform to deploy ...
Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI. On March 31, 2026, Anthropic mistakenly included a ...
ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...
Abstract: JavaScript code obfuscation has become a major technique used by malware writers to evade static analysis techniques. Over the past years, a number of dynamic analysis techniques have been ...
The hackers trick victims into accessing GitHub or GitLab repositories that are opened using Visual Studio Code. Once the repositories are opened in VS Code, the victim is prompted to trust the ...
Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...
The North Korean threat actors associated with the long-running Contagious Interview campaign have been observed using malicious Microsoft Visual Studio Code (VS Code) projects as lures to deliver a ...
Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses. Appearing to be ...
Newly discovered npm package 'fezbox' employs QR codes to retrieve cookie-stealing malware from the threat actor's server. The package, masquerading as a utility library, leverages this innovative ...