A new SHub Reaper macOS infostealer spoofs prompts from Apple, Google, and Microsoft to steal passwords, crypto data, and ...

A new variant of the 'SHub' macOS infostealer uses AppleScript to show a fake security update message and installs a backdoor ...

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows and Linux installers, with the Windows payload found deploying a Python-based ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

Packagist packages hid malicious package.json scripts, enabling Linux binary execution during installs and workflows.

SHub Reaper stealer, which hides behind fake WeChat and Miro installers, marks a shift from ClickFix social engineering to ...

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

Recently, users attempting to access their cloud photo backups, especially large archives, found some files unusable. Google confirmed on its blog that users ...

An attacker poisoned 84 TanStack npm versions across 42 packages, stealing GitHub OIDC tokens and cloud keys while planting a ...

A fake repo impersonating the OpenAI Privacy Filter model racked up 244,000 downloads in under 18 hours before Hugging Face ...

Security researchers say a new macOS infostealer called SHub Reaper disguises itself as Apple security software to steal passwords, cryptocurrency wallets, and sensitive files. The malware abuses ...