Ransomware operators are hosting and delivering malicious payloads at scale by abusing virtual machines (VMs) provisioned by ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...

A while ago, I wrote a piece on the best way to ensure your privacy with a web browser. Part of that advice was to use the Tor browser. In simplest terms, you cannot get more privacy and security from ...

Notepad++ update servers were compromised for 6 months in 2025. Learn how the Chrysalis backdoor targeted users and why you must manually update to version 8.9.1 now.

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...

Hijacking web traffic is an old tactic for threat actors. In fact David Shipley, head of Canadian security awareness training ...

I've been writing and editing stories for almost two decades that help people use technology and productivity techniques to ...

This week’s cybersecurity recap highlights key attacks, zero-days, and patches to keep you informed and secure.

Weekly cybersecurity recap covering emerging threats, fast-moving attacks, critical flaws, and key security developments you need to track this week.

Three security vulnerabilities in the official Git server for Anthropic's Model Context Protocol (MCP), mcp-server-git, have been identified by cybersecurity researchers. The flaws can be exploited ...

Earlier this week, some people on X began replying to photos with a very specific kind of request. “Put her in a bikini,” “take her dress off,” “spread her legs,” and so on, they commanded Grok, the ...

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...