If you've received an invite link to Discord but never used it to join that specific server, don't click through it weeks or ...

The fact that payload delivery and data exfiltration occur via trusted cloud services such as GitHub, Bitbucket, Pastebin, and Discord allows the threat actors to blend in with normal traffic and fly ...

It’s a cross-site scripting vulnerability present in open-source webmail platform Roundcube, and abuses a desanitization ...

The new malware exploits a weakness in Discord’s invitation system to deliver an information stealer known as Skuld and the ...

Hackers are hijacking expired or deleted Discord invite links to redirect users to malicious sites that deliver remote access ...

Threat actors have abused the TeamFiltration pentesting framework to target over 80,000 Entra ID user accounts.

A new Rust‑ based info‑stealer called Myth Stealer spreads via fake gaming sites, targeting Chrome and Firefox credentials with loaders.

Sophos thinks a single person or group called "ischhfd83" is behind more than a hundred backdoored malware variants targeting ...

New malware campaign uses typo-squatting and fake developer packages to spread threats across Windows and Linux.

Cybersecurity researchers have discovered a new cryptojacking campaign that's targeting publicly accessible DevOps web servers such as those associated with Docker, Gitea, and HashiCorp Consul and ...

Security researchers at Wiz have uncovered a new campaign called JINX-0132, in which publicly accessible DevOps systems such ...