GuardDog is a CLI tool that allows to identify malicious PyPI and npm packages, Go modules, GitHub actions, or VSCode extensions. It runs a set of heuristics on the package source code (through Semgrep...
For more than a decade, the Vane Viper network has remained one of the largest clandestine players in the sphere of malicious online advertising. The latest report from Infoblox, prepared in collaboration with Guardio...
CloudSEK researchers have reported a large-scale campaign leveraging a Loader-as-a-Service botnet, which over the past six months has transformed home routers and IoT devices into engines for cryptocurrency mining and Mirai-style attacks. An analysis...
Trend Micro has reported the emergence of a new iteration of one of the most notorious ransomware families — LockBit 5.0. Researchers describe it as “significantly more dangerous” than its predecessors, as it now...
Microsoft researchers have identified a new variant of XCSSET, the macOS-targeting malware that has plagued developers since 2020. This family, notorious for spreading through Xcode projects by embedding malicious code, has now evolved with...
Researchers from WatchTowr Labs have reported active exploitation of a critical vulnerability in Fortra’s GoAnywhere MFT file transfer management system. Tracked as CVE-2025-10035, the flaw stems from a deserialization bug in the License Servlet...
Microsoft has agreed to meet the demands of European consumer rights advocates and extend support for Windows 10 users within the European Economic Area (EEA) without imposing any additional conditions. Extended Security Updates (ESU)...
Experts at Microsoft Threat Intelligence have documented an attack in which adversaries, for the first time, employed artificial intelligence to disguise phishing code, with the aim of stealing corporate credentials from U.S.-based companies. The...
SmuggleShield is a browser extension that aims to prevent HTML smuggling attacks by detecting common patterns. While this is not a comprehensive or bulletproof solution, it is an attempt to provide an additional layer...
Developers have long placed their trust in tools that allow AI assistants to handle routine tasks—ranging from sending emails to managing databases. Yet that trust has proven a vulnerability: beginning with version 1.0.16, the...
Google has officially confirmed the unification of ChromeOS and Android, with Android set to become the primary platform. The first tangible results of this transition are expected to reach users in 2026. Until now,...
Microsoft has severed its partnership with Israel’s military intelligence unit Unit 8200, cutting off its access to the company’s cloud infrastructure and artificial intelligence services. The decision followed revelations that Microsoft’s technologies had been...
