Compromised dYdX npm and PyPI packages delivered wallet-stealing malware and a RAT via poisoned updates in a software supply chain attack.

A decade-old critical security vulnerability affects over 800,000 internet-exposed telnet servers, with reports of active ...

The threat actor has been compromising cloud environments at scale with automated worm-like attacks on exposed services and ...

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

Malicious "skills" and persnickety configuration are just a few issues that security researchers have found when installing the OpenClaw AI assistant.

Businesses are being warned about a new cyber campaign targeting Windows environments where getting in is only the beginning – not the end – of the attack.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

OpenClaw, formerly Clawdbot and Moltbot, faces malware attacks as fake skills and extensions exploit trust in local AI tools.

Alert your bank if you shared financial details and watch for suspicious activity. Scan devices for viruses and alert contacts if your account was used for phishing. Did our AI summary help? The ...