Today, threat actors are quietly collecting data, waiting for the day when that information can be cracked with future technology.

OX Security exposes a GitHub phishing campaign targeting OpenClaw developers with fake $CLAW airdrops and a cloned site built ...

GlassWorm campaign injects malware into GitHub Python repos using stolen tokens since March 8, 2026, exposing developers to ...

GlassWorm is evolving. Security researchers say the malware, which infiltrates code repositories with malicious extensions, can now deploy a RAT, is targeting MCP servers, and has a new way of moving ...

Fake CAPTCHA pages can install the StealC infostealer. Don't paste or run commands; disconnect and change passwords.

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

Threat actors are evading phishing detection in campaigns targeting Microsoft accounts by abusing the no-code app-building ...

The phishing campaign lures OpenClaw developers with fake $5,000 token airdrops, then drains wallets through a cloned site ...

Dozens of updated, malicious GlassWorm extensions have infested Open VSX, threatening software development supply chains.

DarkSword exploit targets iOS 18.4–18.7 using 6 flaws and 3 zero-days, enabling rapid data theft from iPhones across multiple ...

Attackers exploit OpenClaw hype with fake “CLAW” airdrops, luring developers from GitHub into wallet-draining phishing sites.

GitLab exposes abuse of its platform to trick software developers into downloading malicious payloads and finance companies ...