Security researchers found two AI-branded VS Code extensions with 1.5M installs that covertly send source code and files to ...
Marketplace that were collectively installed 1.5 million times, exfiltrate developer data to China-based servers.
Researchers discover that PureRAT’s code now contains emojis – indicating it has been written by AI based-on comments ripped ...
Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
Researchers from OpenAI, Anthropic, and Google DeepMind found that adaptive attacks bypassed 12 AI defenses that claimed near ...
A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...
This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...
Two VSCode extensions are harvesting sensitive data and sending it to China.
Fake AI coding assistants for VS Code, disguised as ChatGPT extensions, infected over 1.5 million developers with spyware.
ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.
Cloud-native applications have changed how businesses build and scale software. Microservices, containers, and serverless ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results