269 article(s)
A stealthy malware campaign is targeting macOS developers through malicious VS Code plugins, stealing passwords and crypto after a hidden delay. Discover how GlassWorm exploits trust in the plugin ecosystem.
A new breed of infostealer attacks is turning compromised companies into unwitting malware distributors, fueling a dangerous feedback loop in the cybercrime ecosystem.
A new, affordable Python-based malware called VVS Stealer is targeting Discord users with advanced obfuscation and session hijacking, putting millions at risk.
VVS Stealer uses commercial PyArmor protection to cloak its code, making it nearly invisible to traditional detection as it harvests Discord and browser data from unsuspecting victims.
Cybercriminals are exploiting infostealer malware to hijack legitimate business websites, using stolen credentials to host sophisticated malware campaigns. Learn how this feedback loop works and what security measures can break the cycle.
A cybercriminal crew exploited stolen brokerage logins in Japan, hijacking investor accounts to orchestrate a rapid market manipulation scheme. Their actions netted millions and exposed the alarming ease with which online trading can be compromised.
A stealthy new malware campaign, GlassWorm, is targeting macOS developers via tampered Open VSX extensions, stealing crypto wallets and credentials while evading detection using blockchain-powered persistence.
GlassWorm’s latest campaign targets Mac developers through compromised extensions, aiming for credentials and cryptocurrency wallets. Find out how the attack works and how to protect yourself.
GlassWorm’s latest evolution weaponizes VS Code extensions to target macOS developers and their cryptocurrency wallets, using encrypted payloads, blockchain-based command-and-control, and hardware wallet trojanization for a new level of threat.
For four days in December 2025, EmEditor’s official homepage delivered a stealthy infostealer to users via its main download button, targeting technical and government staff and putting sensitive data at risk.