GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
The Hacker News

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic ...

AppsFlyer Web SDK used to spread crypto stealer JavaScript code

Malicious JavaScript code delivered by the AppsFlyer Web SDK hijacked cryptocurrency, potentially in a supply-chain attack.

ThreatDown Uncovers First Cyber Attack Abusing Deno JavaScript Runtime for Fileless Malware ...

ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be ...
The Hacker News

⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
Wall Street Journal

Yes, You Can Vibe-Code. Here’s How to Get Started.

Work is full of time-sucking, tedious or annoying tasks, particularly when you’re on a computer. I used to spend hours on stupid chores like reorganizing someone else’s messy spreadsheet. Now, I use ...
GameSpot

How To Change Your Appearance In Code Vein 2

GameSpot may get a commission from retail offers. Code Vein 2 is a punishing soulslike adventure that sends you into a perilous world to fight challenging foes and tackle a time-bending story. But the ...