On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers weaponize CAPTCHA tests to install malware that steals browser passwords and cryptocurrency wallets through fake ...

The new DeepLoad malware has been distributed in ClickFix attacks to steal user credentials and install a rogue browser ...

I’ve used plenty, but this one rewired my daily workflow.

AI-powered fileless malware is changing what it means to keep a Windows 11 PC secure. Here's what's happening and what to do.

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Axios 1.14.1 and 0.30.4 injected malicious plain-crypto-js@4.2.1 after npm compromise on March 31, 2026, deploying ...

A pair of new Windows 11 Canary builds is now available for testing, and one of them brings tons of Command Line improvements ...

A recently released port of Doom can load into memory from Cloudflare without ever writing files to the disc. The project ...

The massive amount of junk code that hides the malware's logic from security scans was almost certainly generated by AI, ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.