A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

TeamPCP hackers compromised the Telnyx package on the Python Package Index today, uploading malicious versions that deliver ...

With the arrival of the Base44 vibe-coding platform, natural language could be the new language of software development.

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Learn the five core elements shaping intelligent automation in 2026, from orchestration and event-driven data flows to ...

Langraph Deploy CLI lets developers create, test, and deploy AI agents from the terminal, with templates and langraph deploy ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain.

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...