ESET Research has released its H1 2026 Threat Report with statistics from December 2025 through May 2026.ClickFix – a social engineering ...
In the brief history of AI security, the prompt injection has quickly become the top threat. Large language models are ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.
Software developers across close to 100 organisations have been targeted by a likely North Korea-linked hacking operation that used fake recruitment and code-review tasks to steal cryptocurrency, ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
A campaign active since last November has been targeting Python developers building Telegram bots with trojanized Pyrogram ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
Tenet Security hijacked Claude Code in 85% of tests via a fake Sentry error — no stolen credentials, no alerts. Datadog and ...
13don MSN
Edge users beware — this malicious extension can break out of the sandbox and install ransomware
Researchers from Zscaler found a new malware campaign dubbed Edgecution.
The North Korean state-sponsored hacking group known as ScarCruft (aka APT37) has been observed using spear-phishing messages impersonating Microsoft Account security notifications to deliver a new ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results