ClickFix has become hugely successful as it relies on a simple yet effective method, which is to entice a user into infecting ...

Socket’s Threat Research Team has outlined all the details.

North Korean attackers have delivered more than 197 malicious packages as part of ongoing state-sponsored activity to ...

Some 2FA-phishing attacks are becoming significantly harder to spot as threat actors blend two previously distinct ...

A threat actor has published over a hundred malicious extensions that can track and profile Chrome and Microsoft Edge users ...

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction ...

ShadyPanda abused browser extensions for seven years, turning 4.3M installs into a multi-phase surveillance and hijacking ...

A new ClickFix variant ratchets up the psychological pressure to 100 and addresses some technical mitigations to classic ClickFix attacks.

A threat group dubbed ShadyPanda exploited traditional extension processes in browser marketplaces by uploading legitimate extensions and then quietly weaponization them with malicious updates, ...

A newly discovered malicious Chrome extension is stealing funds from Solana traders by quietly siphoning a fee from every ...

The Chrome extension "Crypto Copilot" was flagged as malicious for secretly manipulating Solana trades to inject a hidden ...

The stealthy kit, discovered by cybersecurity experts at Barracuda, relies on techniques that differ from known phishing-as-a ...