Three distinct campaigns were recently spotted, all targeting MacOS users with infostealers.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Plymouth County in southeastern Massachusetts -- including residents in Bridgewater who got 31 inches -- were working hard Tuesday to dig out after Monday's storm. At an apartment building on Main ...

A fake website, a ClickFix, and an infostealer ...

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...

According to new technical analyses from Google and mobile security firm iVerify, Coruna's technical core comprises five complete exploit chains and 23 distinct iOS vulnerabilities that ...

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.

Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) ...

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI accelerates malware development.

This week, Russian hackers targeted Signal and WhatsApp users, permit-fee phishing hit U.S. applicants, ClickFix on WordPress ...

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.