How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

Moltbot’s viral open-source AI assistant wowed users with automation power but sparked major security, privacy, and misuse concerns.

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations. Boto Cor-de-Rosa campaign tracks delivery success.

Perplexity was great—until my local LLM made it feel unnecessary ...

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.

Who needs humans when a purported 1.5 million agents trade lobster memes and start their own religion? Moltbook, vibe-coded by Octane AI founder Matt Schlicht in a weekend (he cla ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ModeloRAT RAT.

Block by boring block.