Jamf says the Rust-based PamStealer targets Apple Silicon Macs, steals browser, wallet, Keychain, and clipboard data, and persists.
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
Veteran sharpshooter CJ McCollum and the Atlanta Hawks have inked a jaw-dropping contract extension that’s shaking up the NBA. Find out how this move could flip the script in the Eastern Conference.
Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
Steam is one of the most popular storefronts in PC gaming, but it turns out that the Steam Workshop might presently be ...
Cybersecurity researchers have disclosed details of a stealthy Python-based backdoor framework called DEEP#DOOR that comes with capabilities to establish persistent access and harvest a wide range of ...
Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code ...
Claude’s rapid growth—nearly 290 million web visits per month—has made it an attractive target for attackers, and this campaign shows how easy it is to fall for a fake site. We discovered a fake ...
On Monday, the Axios npm supply chain attack came to light where malicious packages had been inserted into one of JavaScript’s most widely used libraries. Three major threat intelligence firms have ...
With almost 175,000 npm projects listing the library as a dependency, the attack had a huge cascade effect and shows how quickly a compromised package can propagate through the ecosystem. Attackers ...
On 2026-03-31, an unknown threat actor compromised the npm account of jasonsaayman, the primary maintainer of axios. The attacker changed the account email to ifstap@proton[.]me and manually published ...