malware

A targeted supply chain attack via popular software for mounting disk images.

As tax-return season rolls around, cybercriminals worldwide are shifting into high gear. They peddle fraudulent services, spoof official tax agency websites, and drain the bank accounts of unsuspecting taxpayers. Here’s how to spot phishing attempts and scams, along with tips for handling your tax documents securely

The emergence of DarkSword and Coruna — new malware targeting iOS — shows exactly how government intelligence tools are being repurposed as weapons for cybercriminals. We break down how these attacks work, why they’re so dangerous, and what you can do to not get infected.

Threat actors are promoting pages containing malicious instructions for installing AI agents intended for workflow automation.

Cybercriminals are distributing malware that deploys an infostealer and masks its activity in network and system logs.

We’ve identified a new infostealer named Stealka, which masquerades as pirated software and game mods. It targets data stored inside browsers, locally installed applications, and crypto wallets.

How automation turns legitimate tools into a channel for malware delivery.

Two campaigns by the BlueNoroff APT group target developers and executives in the crypto industry.

Official gaming websites and platforms may seem safe, but even there gamers occasionally encounter malware. We break down infection cases involving Endgame Gear, Steam, and Minecraft.

Unknown attackers have compromised several popular npm packages in a supply-chain attack.

Attackers hijack Discord invite links and redirect victims to scam servers to install malware using the ClickFix technique.

Archives are being used in targeted phishing and other attacks on organizations. What tools, settings, and policies can mitigate the threat?

Attackers use the polyglot technique to disguise malware. We explain what it is and how to protect your company against attacks.

We discovered over 200 repositories with fake projects on GitHub. Using them, attackers distribute stealers, clippers, and backdoors.

Attackers are pumping out fake wedding invitations containing malicious APKs to Android users. To find out how to guard against this new threat, read on.

Banshee stealer, a macOS stealer that emerged last year, is now roaming free on the Web, infecting Mac users and gaining new capabilities. How to protect yourself?

Scareware is malware that scares users into doing something risky. Here’s how it works.

Someone is targeting security experts using an archive that allegedly contains an exploit for the regreSSHion vulnerability.

How URL shorteners work, how they can be used, and the privacy and security threats they pose.

Korean filmmakers have made a film about cybercrime that deserves a look — if only as a training tool.

The new version of Prilex malware, used to attack POS terminals, now can block NFC transactions.