A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

North Korean hackers used AppleScript and ClickFix in recent attacks targeting macOS systems at financial organizations.

Regula, a global developer of identity verification solutions, released a new analysis of the world's most challenging identity documents to verify digitally, finding that IDs using Arabic, Chinese, ...

Mythos remains a mystery as security world faces rising threats, agentic attacks and concerns about AI integrity - ...

Stolen OAuth tokens, which are at the root of these breaches, "are the new attack surface, the new lateral movement," a ...

Learn the most common cryptocurrency scam scripts, from fake investments to romance fraud, and how to recognize warning signs ...

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...

DeFi's "worst year in terms of hacks," Ledger's CTO said, as the Kelp exploit shows how a single point of failure can cascade ...

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.

Security experts are sounding the alarm after a new wave of Medicare “verification” scam calls started hitting phones across ...