Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data.

“Vibeware” is forcing new anti-malware strategies ...

Malware research group vx-underground, which says it has the largest collection of malware source code, said in a post on X that its archive of data amounts to about 30 terabytes. A reply by Bernardo ...

Security researchers say 5,500 GitHub repositories have been affected by the attack.

The source code for the ERMAC 3.0 Android banking trojan has been leaked online, exposing the malware’s full infrastructure and its ability to target over 700 apps. While this is a win for ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.

An advanced cloud-first malware framework targeting Linux systems was created almost entirely by artificial intelligence (AI), a move that signals significant evolution in the use of the technology to ...

Ghostblade is one of six malware tools in the "DarkSword" suite of malicious software designed to steal crypto private keys and user data. Google Threat Intelligence has identified a new form of ...

Microsoft GitHub hack hit open-source AI tools, exposing developer passwords and cloud credentials. Here’s why SA tech teams ...

A recently fixed WinRAR vulnerability tracked as CVE-2025-8088 was exploited as a zero-day in phishing attacks to install the RomCom malware. The flaw is a directory traversal vulnerability that was ...

A suspected North Korean hacker has hijacked and modified a popular open source software development tool to deliver malware that could put millions of developers at risk of being compromised. On ...