Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan...
Hacking
Category Added in a WPeMatico Campaign
UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Ravie LakshmananMar 09, 2026DevOps / Threat Intelligence The North Korean threat actor known as UNC4899 is suspected to be behind...
⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Ravie LakshmananMar 09, 2026Cybersecurity / Hacking Another week in cybersecurity. Another week of "you've got to be kidding me." Attackers...
Can the Security Platform Finally Deliver for the Mid-Market?
The Hacker NewsMar 09, 2026Endpoint Security / Security Operations Mid-market organizations are constantly striving to achieve security levels on a...
Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a...
Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
Ravie LakshmananMar 09, 2026Threat Intelligence / Web Security High-value organizations located in South, Southeast, and East Asia have been targeted...
OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Ravie LakshmananMar 07, 2026DevSecOps / Artificial Intelligence OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security...
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Ravie LakshmananMar 07, 2026Browser Security / Artificial Intelligence Anthropic on Friday said it discovered 22 new security vulnerabilities in the...
Transparent Tribe Uses AI to Mass-Produce Malware Implants in Campaign Targeting India
Ravie LakshmananMar 06, 2026Threat Intelligence / Cyber Espionage The Pakistan-aligned threat actor known as Transparent Tribe has become the latest...
Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various...
The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
The Hacker NewsMar 06, 2026Artificial Intelligence / Enterprise Security Scaling cybersecurity services as an MSP or MSSP requires technical expertise...
Iran-Linked MuddyWater Hackers Target U.S. Networks With New Dindoor Backdoor
New research from Broadcom's Symantec and Carbon Black Threat Hunter Team has discovered evidence of an Iranian hacking group embedding...
China-Linked Hackers Use TernDoor, PeerTime, BruteEntry in South American Telecom Attacks
Ravie LakshmananMar 06, 2026Cyber Espionage / Threat Intelligence A China-linked advanced persistent threat (APT) actor has been targeting critical telecommunications...
Microsoft Reveals ClickFix Campaign Using Windows Terminal to Deploy Lumma Stealer
Ravie LakshmananMar 06, 2026Endpoint Security / Browser Security Microsoft on Thursday disclosed details of a new widespread ClickFix social engineering...
Hikvision and Rockwell Automation CVSS 9.8 Flaws Added to CISA KEV Catalog
Ravie LakshmananMar 06, 2026Vulnerability / Network Security The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added two security...
