A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.
MicrosoftがWindows 11のネイティブなコマンドプロンプト環境に対して、Windows ...
The TeamPCP hacking group has hacked the Telnyx PyPI package as part of a supply chain campaign targeting the broad OSS ecosystem.
A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...
North Korean hackers used an updated version of a known backdoor to target a popular npm package.
A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...
PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.
A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access ...
On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...