Feds are looking to hear from victims after several games on Valve’s Steam platform were found to be distributing malicious software.

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

In a rare move, the FBI has published an alert 'seeking victim information' related to a hacker exploiting Valve's Steam ...

Your Asus router may have been targeted by a sophisticated form of malware capable of adding devices to a botnet and using ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Hackers can change a single byte to insert malware undetected, posing as an apparently corrupted ZIP file dubbed Zombie Zip. A security researcher demonstrated this by tricking Windows Defender and ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Hackers are increasingly exploiting newly disclosed vulnerabilities in third-party software to gain initial access to cloud environments, with the window for attacks shrinking from weeks to just days.

It uses some of the oldest tricks in the book.

Malicious AI browser extensions posing as helpful assistants harvested ChatGPT and DeepSeek chat data from nearly 900,000 users, Microsoft says.

New malware spreads via fake GitHub downloads, stealing browser passwords, crypto wallets, Discord tokens, and credit card details from Windows users.