Cyber Security News

Hackers are creating convincing fake websites that impersonate popular security tools to trick users into downloading malware.

Instead of obvious phishing pages, these sites look almost identical to real project portals, complete with p...

A self-replicating worm has been quietly spreading across the npm registry using a method most security teams do not watch for. Instead of hiding inside package.json scripts, the attacker weaponized a tiny configuration file called binding.gyp to trigger malicious code the moment a developer runs npm install.

The campaign hit dozens of packages across multiple main...

A new and rapidly spreading malware campaign is putting macOS users at serious risk. Threat actors are using Google Ads to push fake desktop applications that secretly install a powerful backdoor on infected machines.

The campaign, dubbed Operation FlutterBridge, marks a sharp escalation in tactics from financially motivated attackers who have been active since at ...

Hackers are exploiting the excitement around AI coding tools by targeting users who search for Claude Code installation guides. An active campaign uses fake installer pages to silently steal credentials from unsuspecting victims.

The attackers use SEO poisoning to push a spoofed Anthropic install page to the top of search results. Once a user lands there, the trap ...

A newly discovered malware campaign called IronWorm has been silently targeting software developers through poisoned npm packages, stealing credentials, API keys, and even cryptocurrency wallet recovery phrases.

The attack is built to spread itself through trusted developer workflows, making it one of the more sophisticated supply-chain threats seen in recent years....