JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Surface RTX Spark Dev Box is a compact, small-form-factor desktop PC that is built specifically for developers and data ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

John Hammond is a Security Researcher at Huntress as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former Department of Defense Cyber Training Academy ...

Parallels, a leading global provider in virtualization and end-user computing (EUC) solutions, today announced a significant update to Parallels RAS (Remote Application Server), introducing a new ...

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.

Managing infrastructure on a Windows machine usually means relying on PowerShell to handle your automation. It feels great when you are editing the Windows Registry or handling Active Directory, but ...

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...