Microsoft Authenticator Flaw on Android, iOS Could Leak Login Codes for Millions
Image: Aminu Abdullahi/TechRepublic A newly discovered vulnerability in Microsoft Authenticator could expose sensitive login codes to malicious apps on the...
discovered
Six Android Malware Families Target Pix Payments, Banking Apps, and Crypto Wallets
Cybersecurity researchers have discovered half-a-dozen new Android malware families that come with capabilities to steal data from compromised devices and...
Five Malicious Rust Crates and AI Bot Exploit CI/CD Pipelines to Steal Developer Secrets
Cybersecurity researchers have discovered five malicious Rust crates that masquerade as time-related utilities to transmit .env file data to the...
Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan...
Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Ravie LakshmananMar 07, 2026Browser Security / Artificial Intelligence Anthropic on Friday said it discovered 22 new security vulnerabilities in the...
Smashing Security podcast #457: How a cybersecurity boss framed his own employee
When a top cybersecurity firm discovered it had a leak, you would expect the FBI to be called. Instead, the...
Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware
Ravie LakshmananFeb 25, 2026Cybersecurity / Malware Cybersecurity researchers have discovered four malicious NuGet packages that are designed to target ASP.NET...
PromptSpy Android Malware Abuses Gemini AI to Automate Recent-Apps Persistence
Cybersecurity researchers have discovered what they say is the first Android malware that abuses Gemini, Google's generative artificial intelligence (AI)...
Malicious Chrome Extensions Caught Stealing Business Data, Emails, and Browsing History
Cybersecurity researchers have discovered a malicious Google Chrome extension that's designed to steal data associated with Meta Business Suite and...
Lazarus Campaign Plants Malicious Packages in npm and PyPI Ecosystems
Cybersecurity researchers have discovered a fresh set of malicious packages across npm and the Python Package Index (PyPI) repository linked...
First Malicious Outlook Add-In Found Stealing 4,000+ Microsoft Credentials
Cybersecurity researchers have discovered what they said is the first known malicious Microsoft Outlook add-in detected in the wild. In...
Compromised dYdX npm and PyPI Packages Deliver Wallet Stealers and RAT Malware
Cybersecurity researchers have discovered a new supply chain attack in which legitimate packages on npm and the Python Package Index...
Researchers Uncover Chrome Extensions Abusing Affiliate Links and Stealing ChatGPT Access
Cybersecurity researchers have discovered malicious Google Chrome extensions that come with capabilities to hijack affiliate links, steal data, and collect...
China-Linked UAT-8099 Targets IIS Servers in Asia with BadIIS SEO Malware
Cybersecurity researchers have discovered a new campaign attributed to a China-linked threat actor known as UAT-8099 that took place between...
Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan
Ravie LakshmananJan 28, 2026Supply Chain Security / Malware Cybersecurity researchers have discovered two malicious packages in the Python Package Index...
