Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.

VS Code extensions since Dec 21, 2025 fuel GlassWorm v2, installing cross-IDE malware and stealing credentials.

The campaigns are the work of the SilverFox group, which has seemingly ramped up its efforts since December. In this campaign ...

Shortly after publication, a slew of fake ICIJ reporters approached journalists, Taiwanese officials, and human rights ...

OpenAI and the ICIJ have reported abuses of ChatGPT by China, despite prohibitions by the AI giant and the Chinese government ...

Attackers exploit Microsoft Teams and Snow malware to steal credentials and take over enterprise networks through social ...

This week, election threats resurfaced. A prolific hacker arrested. Black Axe network disrupted. China-linked disinformation ...

A malicious npm dependency slipped into an AI-assisted crypto trading project has exposed how automated coding tools can be manipulated into importing software that steals credentials, wallet data and ...

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.

Four images depicting British public figures posing beside the man who has been charged with attempting to assassinate U.S.

Storm-1516 campaign uses fabricated videos, phony websites and anonymous influencers to spread tales about election fraud, corruption and sexual abuse.