Ghostwriter used Prometheus lures since spring 2026 to target Ukraine agencies, enabling malware delivery and data theft.

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

A widely active phishing-as-a-service (PhaaS) operation known as FlowerStorm has begun using a browser-based virtual machine to conceal credential theft code, marking what researchers say is an ...

Attackers have poisoned a code package on the npm registry in a novel way, hiding credential-stealing malware in steganographic QR codes embedded in a package purporting to offer a JavaScript utility.

A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially hiding in plain sight in embedded QR codes. QR codes are ubiquitous these ...

ModStealer malware targets cryptocurrency wallets and is undetected by antivirus tools. ModStealer spreads via fake recruiter ads and steals data from 56 browser wallet extensions. The malware ...

Hi, thank you for creating this obfuscation plugin. I have a small question. I created a browser extension and uploaded it to the Chrome store. I want to use your obfuscation method in a very small ...

In this guide, we explain what obfuscation does, how obfuscated servers can enhance your digital privacy, and when obfuscation is most beneficial. An obfuscated VPN server uses encryption to scramble ...

A China-linked nation-state group called TAG-112 compromised Tibetan media and university websites in a new cyber espionage campaign designed to facilitate the delivery of the Cobalt Strike ...

Cybercriminals have found a new way to get around what has been an effective deterrent to phishing attacks, with novel anti-bot services sold on the Dark Web that allow them to bypass the protective ...