SideCopy targeted Afghanistan's Finance Ministry with Xeno RAT via Pashto phishing lures, enabling espionage and system ...

A dependency confusion campaign leveraged 33 malicious npm packages to collect reconnaissance data from developer and build environments. This report details the attack chain, observed tradecraft, and ...

Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies into hiring North Koreans. Research from GitLab has exposed the latest ...

A new malware implant called EtherRAT, deployed in a recent React2Shell attack, runs five separate Linux persistence mechanisms and leverages Ethereum smart contracts for communication with the ...

Web exposure management platform startup Reflectiz Ltd. revealed today that it has raised $22 million in new funding to expand its current product offering. The company plans to use the money to ...

Forbes contributors publish independent expert analyses and insights. Davey Winder is a veteran cybersecurity writer, hacker and analyst. Update, April 15, 2025: This story, originally published April ...

Security researchers found malicious code hiding in two VSCode extensions Microsoft quickly pulled them and notifies users The developer criticized Microsoft's move, saying they were never consulted ...

This JavaScript Obfuscator allows you to easily protect your code by combining the power of UglifyJS for minification and compression with advanced obfuscation techniques from JavaScript Obfuscator.

A mysterious family of Android malware with a demonstrated history of effectively concealing its myriad spying activities has once again been found in Google Play after more than two years of hiding ...