Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Scammers are using cloned versions of popular AI coding tools to spread info-stealing malware through fake installation ...

Dubbed InstallFix by Push Security, the scheme inserts instructions to download malware during the Claude Code install process on cloned websites.

CERT-In has issued a high-severity warning for Google Chrome users, citing vulnerabilities that could allow remote code execution. The advisory urges users to update their browser to the latest ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft ...

ActiveX is a Microsoft software framework that enables applications to share data across web browsers, enhancing functionality and security in computing.

Google and iVerify have shared details about Coruna, an exploit kit that chains multiple vulnerabilities to target iPhones ...

Apple's iOS 26.4 beta adds AI-generated Apple Music playlists, early testing for encrypted RCS messaging and a new setting to tone down iOS 26's brighter visual effects. With more than a decade of ...

A website styled to look like a Google Account security page is distributing what Malwarebytes describes as one of ...

Builderius page builder announced an experimental AI integration that can read and apply changes directly inside the builder.

The Islamic Republic, knowing that this fight is existential, retaliated quickly with deadly missile and drone attacks on Israel, U.S. bases in the Middle East, and targets in Gulf states and beyond.

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...