Vibe-Coded Malicious VS Code Extension Found with Built-In Ransomware Capabilities
Cybersecurity researchers have flagged a malicious Visual Studio Code (VS Code) extension with basic ransomware capabilities that appears to be...
flagged
Malicious VSX Extension “SleepyDuck” Uses Ethereum to Keep Its Command Server Alive
Nov 03, 2025Ravie LakshmananCryptocurrency / Threat Intelligence Cybersecurity researchers have flagged a new malicious extension in the Open VSX registry...
New AI-Targeted Cloaking Attack Tricks AI Crawlers Into Citing Fake Info as Verified Facts
Oct 29, 2025Ravie LakshmananMachine Learning / AI Safety Cybersecurity researchers have flagged a new security issue in agentic web browsers...
175 Malicious npm Packages with 26,000 Downloads Used in Credential Phishing Campaign
Oct 10, 2025Ravie LakshmananCybercrime / Malware Cybersecurity researchers have flagged a new set of 175 malicious packages on the npm...
Alert: Malicious PyPI Package soopsocks Infects 2,653 Systems Before Takedown
Oct 02, 2025Ravie LakshmananPython / Malware Cybersecurity researchers have flagged a malicious package on the Python Package Index (PyPI) repository...
New Android Trojan “Datzbro” Tricking Elderly with AI-Generated Facebook Travel Events
Cybersecurity researchers have flagged a previously undocumented Android banking trojan called Datzbro that can conduct device takeover (DTO) attacks and...
40 npm Packages Compromised in Supply Chain Attack Using bundle.js to Steal Credentials
Sep 16, 2025Ravie LakshmananMalware / Cyber Attack Cybersecurity researchers have flagged a fresh software supply chain attack targeting the npm...
VirusTotal Finds 44 Undetected SVG Files Used to Deploy Base64-Encoded Phishing Pages
Sep 05, 2025Ravie LakshmananMalware / Cryptocurrency Cybersecurity researchers have flagged a new malware campaign that has leveraged Scalable Vector Graphics...
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Sep 04, 2025Ravie LakshmananArtificial Intelligence / Malware Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass...
Cybercriminals Exploit X’s Grok AI to Bypass Ad Protections and Spread Malware to Millions
Sep 04, 2025Ravie LakshmananArtificial Intelligence / Malware Cybersecurity researchers have flagged a new technique that cybercriminals have adopted to bypass...
Malicious npm Packages Infect 3,200+ Cursor Users With Backdoor, Steal Credentials
Cybersecurity researchers have flagged three malicious npm packages that are designed to target the Apple macOS version of Cursor, a...
Exploitation of 159 Common Vulnerabilities and Exposures in Q1 2025 — Almost a Quarter in Less than a Day after Disclosure
During the initial quarter of 2025, there has been a recorded exploitation of around 159 CVE identifications in the natural...
Malicious PyPI Package “automslc” Enables 104K+ Unauthorized Deezer Music Downloads
Cybersecurity researchers have flagged a malicious Python library on the Python Package Index (PyPI) repository that facilitates unauthorized music downloads...
LightSpy Grows to Over 100 Instructions, Enhancing Dominance Across Windows, macOS, Linux, and Mobile
Security experts have identified a new release of the LightSpy malware which now includes a wider range of data retrieval...
Online Fraudsters Utilize Onerror Event in Picture Tags to Implement Payment Skimmers
Security experts have identified a malicious software campaign for stealing credit card data that is actively attacking online shopping platforms...
