On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
- A new macOS ClickFix campaign uses a fake CAPTCHA page to trick users into installing malware. - It instructs users to paste text into a Terminal command that silently downloads and mounts a ...
Our recent review of threat detections in Brazil surfaced BTMOB, an Android remote access trojan (RAT) that is less notable for detection volume than for the damage it can wreak. The combination of ...
A Shai-Hulud copycat has turned up in yet another npm package just five days after TeamPCP open sourced the worm and announced a supply-chain attack competition on BreachForums. Plus, the same scumbag ...
A new wave of the Mini Shai-Hulud campaign compromised dozens of TanStack npm packages as part of a broader supply chain attack affecting developer ecosystems, including packages tied to UiPath, ...
Abstract: In the realm of cybersecurity, the extraction of Cyber Threat Intelligence (CTI) is vital for acquiring accurate Tactics, Techniques, and Procedures (TTPs) and Indicators of Compromise (IoC) ...
The post From fake Proton VPN sites to gaming mods, this Windows infostealer is everywhere appeared first on Malwarebytes. We’ve uncovered multiple campaigns distributing an infostealer we track as ...
The post Fake YouTube copyright notices can steal your Google login appeared first on Malwarebytes. A convincing phishing campaign is going after YouTube creators, and if it works, attackers don’t ...
An apparent hack-for-hire campaign likely orchestrated by a threat actor with suspected ties to the Indian government targeted journalists, activists, and government officials across the Middle East ...
Microsoft Defender Experts observed a campaign beginning in late February 2026 that uses WhatsApp messages to deliver malicious Visual Basic Script (VBS) files. Once executed, these scripts initiate a ...
Threat actors are using adversary-in-the-middle (AitM) phishing pages to seize control of TikTok for Business accounts in a new campaign, according to a report from Push Security. Business accounts ...
OTX DirectConnect provides a mechanism to automatically pull indicators of compromise from the Open Threat Exchange portal into your environment. The DirectConnect API provides access to all Pulses ...