Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
A PowerShell script included in patch files appears to be triggering false positives by multiple security engines.
A single pipeline replaced fourteen lines and I never looked back.
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...
AI is quickly reshaping the way administrators approach scripting, but for experienced PowerShell users, the real promise is not automation without expertise -- it's automation that amplifies it. In ...
Microsoft reports a Windows clipper malware campaign using USB-delivered LNK files and Tor-based C2 since Feb 2026, stealing ...
TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
IntroductionIn March 2026, Zscaler ThreatLabz observed multiple instances of typosquatting domains hosting malicious content generated with AI-powered website creation tools. Threat actors are ...
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...
Microsoft links the recent Mastra AI npm supply chain attack to , a North Korean group known for cryptocurrency theft ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results