The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures ...

Perplexity was great—until my local LLM made it feel unnecessary ...

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome ...

Researchers uncovered a CrashFix campaign where a fake Chrome ad blocker crashes browsers to trick users into installing the ...

These save me hours, time that would otherwise be spent configuring Windows from scratch ...

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

John Hammond is a Security Researcher at Huntress as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former Department of Defense Cyber Training Academy ...