New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

Researchers uncovered a CrashFix campaign where a fake Chrome ad blocker crashes browsers to trick users into installing the ...

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...

Internet security watchdog Shadowserver tracks nearly 800,000 IP addresses with Telnet fingerprints amid ongoing attacks exploiting a critical authentication bypass vulnerability in the GNU InetUtils ...

Your phone is so powerful. Let's put that power to good use.

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware.

ClickFix variant CrashFix relies on a malicious Chrome extension to crash the browser and trick victims into installing the ...

Stranger Things concept of the “Upside Down” is a useful way to think about the risks lurking in the software we all rely on.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

ChatGPT has quietly gained bash support and multi-language capabilities, enabling users to run commands and install packages in containers without official announcements.

It's a great NAS with great hardware, but the lack of SSH access is frustrating.

John Hammond is a Security Researcher at Huntress as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former Department of Defense Cyber Training Academy ...