Attackers hijacked the GitHub Desktop repository using repo squatting and malvertising, distributing advanced malware through what looked like the official installer. Find out how this sophisticated campaign worked and why supply chain security is more critical than ever.
Hackers hijacked the GitHub Desktop repository, using repo squatting and GPU-based evasion to spread malware as legitimate updates. This investigative feature unpacks the GPUGate supply chain attack and its implications for developer security.
Fake Notepad++ and 7-Zip download sites are distributing remote monitoring malware that evades antivirus detection. Discover how cybercriminals turn trusted utilities into powerful attack tools—and how to protect yourself.
A new wave of attacks blends fake CAPTCHAs, Microsoft App-V scripts, and steganography to deliver the Amatera infostealer, exposing how legitimate Windows tools are being weaponized against unsuspecting users.
Stanley, a new malware-as-a-service, is enabling attackers to publish phishing extensions directly to the Chrome Web Store. Here’s how it works, why it’s dangerous, and what users need to know.
A new malware toolkit named Stanley is enabling cybercriminals to run undetectable phishing attacks via Chrome extensions, fooling users by keeping the address bar unchanged. Here’s how this sophisticated scam is changing the game.
EmEditor's trusted installer was compromised in a sophisticated supply chain attack, distributing credential-stealing malware to unsuspecting users. Our investigation reveals how the attackers operated and what organizations must do to defend against similar threats.
A new breed of cybercrime is using fake CAPTCHA verification pages to deliver malware through trusted web workflows, evading detection with ever-evolving tactics and exploiting the trust users place in familiar security checks.
North Korean hackers have unleashed a new breed of AI-generated malware, targeting developers and engineers across Asia’s blockchain and cryptocurrency industries. This investigative feature exposes KONNI’s latest campaign and its implications for cybersecurity.
A sophisticated MacSync infostealer campaign targets macOS crypto users with a single Terminal command, bypassing security, hijacking wallets, and stealing credentials through deceptive installer prompts and app trojanization.