The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

Threat actors are publishing clean extensions that later update to depend on hidden payload packages, bypassing marketplace ...

I tried Zenclora, a hyper-fast Linux distro with no bloat - and one truly standout feature ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Manufact, a Y Combinator startup, raised $6.3 million to build open-source tools and cloud infrastructure for the Model Context Protocol (MCP), the fast-growing standard backed by Anthropic and OpenAI ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Paperclip is organizing OpenClaw AI agents into full company structures with roles, budgets, and tasks, signaling the rise of AI-run organizations.

UNC4899 breached a crypto firm via AirDrop malware and cloud exploitation in 2025, stealing millions through Kubernetes and ...

Microsoft's AI Toolkit extension for VS Code now lets developers scaffold a working MCP server in minutes. Here's what that looks like in practice -- including the parts that don't work, and a simpler ...

An undefined Chinese-speaking actor wields a combo of custom malware, open source tools, and LOTL binaries against Windows ...