An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

A threat group tracked as UNC6692 uses social engineering to deploy a new, custom malware suite named 'Snow' which includes a ...

UNC6692 has been attributed to a large email campaign that's designed to overwhelm a target's inbox with a flood of spam ...

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

This was not a case of stolen credentials, but rather of vulnerability exploitation.

Attackers exploit Microsoft Teams and Snow malware to steal credentials and take over enterprise networks through social ...

A cyber group is impersonating IT helpdesk staff via Microsoft Teams to deploy malware and target corporate systems.

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installerThe Latest Tech News, Delivered to Your Inbox ...

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...

A previously unknown threat group using tried-and-tested social engineering tactics - Microsoft Teams chat invitations and ...