OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

But QR codes can also leave you vulnerable. That’s because scammers, organized criminal gangs, and shady nation-states are ...

While some of the campaigns have been found to leverage the technique to deliver malware, others send users to pages hosted on phishing frameworks such as EvilProxy, which act as an ...

Malicious AI browser extensions collected LLM chat histories and browsing data from platforms such as ChatGPT and DeepSeek. With nearly 900,000 installs and activity across more than 20,000 enterprise ...

A new study reveals what data sources ChatGPTs product carousels prefer to use. Here’s how we analyzed shopping query ...

Prompt like a hard-ass boss who won't tolerate failure and bots will find ways to breach policy AI agents work together to bypass security controls and stealthily steal sensitive data from within the ...

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.

Threat actors are employing a new variation of the ClickFix social engineering technique called InstallFix to convince users ...

United Healthcare impersonators are using an IPv6 trick to hide the real destination of phishing links in emails promising free Oral-B toothbrushes.

Researchers have found that attackers are abusing OAuth to send users from legitimate Microsoft or Google login pages to phishing sites or malware downloads.

Synscribe, an AI SEO & GEO startup, has launched a multi-tenant SEO & GEO AI agent built on the open-source OpenClaw framework that autonomously performs keyword research, creates landing pages, ...

A self-replicating npm worm dubbed SANDWORM_MODE hits 19+ packages, harvesting private keys, BIP39 mnemonics, wallet files and LLM API keys from dev environments.