Researchers discovered malicious npm packages posing as n8n integrations, exfiltrating OAuth tokens and API keys from ...

Browser extensions turned malicious after years of legitimate operation in DarkSpectre campaign affecting millions. The ...

Researchers from the Koi security company discovered an ongoing campaign spreading malicious wallet extensions on Firefox. The malicious apps spoof the most widely used wallets, stealing private ...

Phishing attacks using malicious QR codes surged more than fivefold in the second half of 2025 as cybercriminals increasingly ...

Hackers were reportedly able to modify several Chrome extensions with malicious code this month after gaining access to admin accounts through a phishing campaign. The cybersecurity company Cyberhaven ...

The FBI Jan. 8 released an alert on evolving threat tactics by Kimsuky, a North Korean state-sponsored cyber threat group. As of last year, the group has targeted research organizations, academic ...

The North Korean APT Kimsuky uses malicious QR codes in spear-phishing attacks targeting academics, government entities, and ...

Trust Wallet believes the compromise of its web browser to steal roughly $8.5 million from over 2,500 crypto wallets is ...

So, when an attacker sends a fake UCPath payroll notification with a QR code linking to a credential harvesting site, a SEG ...

What security teams need to know about the browser-based attack techniques that are the leading cause of breaches in 2025. “The browser is the new battleground.” “The browser is the new endpoint”.

AI-generated computer code is rife with references to nonexistent third-party libraries, creating a golden opportunity for supply-chain attacks that poison legitimate programs with malicious packages ...

Thousands of active AWS accounts are vulnerable to a cloud image name confusion attack that could allow attackers to execute codes within those accounts. According to DataDog research, vulnerable ...