New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Hungry Studio today announced that Block Blast! ranked No. 1 worldwide by downloads in both January and February 2026, according to the latest global mobile game download rankings from Sensor Tower.

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress ...

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

The move follows an announcement in February that the government will label all things LGBTQ+ "deviant culture." ...

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

While long-form films, television series, and traditional gaming experiences remain popular, many people are increasingly drawn to shorter forms of digital entertainment.

The State Law Enforcement Division (SLED) is warning that a number of news websites across the State using the “HereCity” platform have been hacked and contain a malicious JavaScript. HereCity is a ...

Many Chrome extensions start as small developer projects, and once they gain users, are sold on. But what if the new owner turns out to be a bad actor who gains the ability to update software running ...

New attack waves from the 'PhantomRaven' supply-chain campaign are hitting the npm registry, with dozens of malicious packages that exfiltrate sensitive data from JavaScript developers.