ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

Today, threat actors are quietly collecting data, waiting for the day when that information can be cracked with future ...

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

Uh-oh. Now anyone can easily use it.

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

The malware at the center of it, dubbed Omnistealer by investigators, uses public blockchains not just for payments, but as ...

Allen Institute for AI, a prominent Seattle-based nonprofit research organization working on advancing artificial ...

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.