Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

A website styled to look like a Google Account security page is distributing what Malwarebytes describes as one of ...

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

InstallFix delivers an infostealer to your device.

Baseball season always brings surprises, and this year, Konami decided to add its own curveball by quietly releasing a brand-new baseball game out of nowhere. No long marketing build-up — just a ...

A newly discovered InstallFix campaign relies on malicious commands on cloned installation webpages to trick victims into installing malware.

When you try to connect to another computer remotely using AnyDesk, you may encounter the error “Disconnected from the AnyDesk network”. This indicates ...

OpenAI has launched its Codex app on Windows, bringing a native AI coding assistant with project management, automations, and WSL support for developers. The post If you’re into AI coding, OpenAI just ...

Millions installed 'productivity' Chrome extensions that became malware after acquisition. Here's how browser extensions became enterprise security's weakest link.