Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

Adobe patches a critical PDF flaw exploited for months, allowing attackers to bypass sandbox protections and deliver malware.

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

An unknown malware slinger targeting open source software developers via Slack impersonated a real Linux Foundation official ...

It's not even your browser's fault.

What makes this attack so unsettling is that all the hackers had to do was just steal the password of one of the axios ...

UNC1069 compromised Axios 1.14.1 and 0.30.4 via social engineering, impacting 100M weekly downloads and exposing supply ...

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.

FEATURE Two supply chain attacks in March infected open source tools with malware and used this access to steal secrets from ...

The biggest story of the week is a new massive supply chain breach, which appears to be unrelated to the previous massive supply chain breaches, this time of the Axios HTTP project. Axios was ...