A SimpleHelp authentication flaw is being exploited to deploy Djinn Stealer, a cross-platform malware targeting cloud, ...

The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp.

A threat actor has been exploiting CVE-2026-48558, a critical SimpleHelp vulnerability, to drop TaskWeaver and Djinn Stealer ...

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

EUROPOL and national law enforcement agencies struck three major MaaS platforms, froze money and servers, and cleaned ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Operation Endgame malware takedown seized 326 servers, froze $47M in criminal cryptocurrency, and recovered 27 million stolen ...

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

Authorities announced taking down 106 SocGholish botnet C&C servers and domains, and cleaning up 15,000 WordPress websites.

An international Operation Endgame dismantled the SocGholish, StealC, and Amadey malware networks, disrupting a major source ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...