Microsoft has identified an active supply chain attack targeting the npm package ecosystem. On May 28, 2026, a single threat actor operating under the newly created maintainer alias vpmdhaj (a39155771 ...
Downloading executable installer files from random websites is the best way to put malware on your Windows PC. Stop doing ...
Microsoft exposes a cryptojacking campaign using SEO poisoning and ScreenConnect to target high-performance PCs, with ...
Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...
Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...
ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware Delivery
ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...
Many organisations are turning to virtualisation of apps and desktops. This often involves virtualisation platforms such as Citrix to deliver these services. Get your configuration or lock-down wrong ...
The JavaScript (aka JScript) malware loader called GootLoader has been observed using a malformed ZIP archive that's designed to sidestep detection efforts by concatenating anywhere from 500 to 1,000 ...
Attackers use fake Fortinet dialogs and social engineering to trick users into executing malware Cache smuggling hides malware in browser cache, bypassing download and PowerShell detection tools ...
Application-related errors usually stem from corrupt installation or system files. A simple reinstallation or an SFC scan can erase these errors and your system will return to normalcy. The nw.exe ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results