Researchers have known for almost a decade that threat actors sometimes use DNS records to host malicious PowerShell scripts.

Binarly spotted multiple flaws in UEFI firmware built by AMI AMI released fixes months ago, so users should update now Many ...

The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for a few hoursThe variant harvested extensive information and allowed for RCEThe malware affected only manual ...

A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that ...

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...

An open-source malware can now spawn into DCRat, Venom RAT, and JasonRAT, powering phishing, data theft, and MaaS campaigns worldwide.

From there, you want to make sure that Google Play Protect is enabled on your Android phone. This pre-installed security app scans all of your existing apps and any new ones you download for malware.

Malcure Malware Scanner plugin contains an unpatched high-severity vulnerability. Temporarily shut down at WordPress ...

Discover how AsyncRAT evolved from GitHub release to a widespread malware tool, spawning dangerous variants like DCRat and ...

A new state-backed campaign using HazyBeacon malware targets Southeast Asian governments to collect sensitive data via AWS ...

Two Gravity Forms WordPress plugin versions available on the official download page were injected with malware in a supply ...

Patchstack published an advisory on a supply chain attack affecting Gravity Forms that enables remote code execution on ...