AI-powered fileless malware is changing what it means to keep a Windows 11 PC secure. Here's what's happening and what to do.

Threat actors have used generative artificial intelligence (GenAI) to write malicious code in the wild to spread an open source remote access Trojan (RAT). It's one of the first observed examples of ...

A new campaign creates a fake BSOD to install malware. The campaign tricks users into installing a remote access trojan. If executed, the RAT can remotely access the infected PC. The Windows Blue ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

An unknown threat actor is deploying a large-scale, sophisticated cryptojacking campaign through a series of malicious extensions in Visual Studio Code, Microsoft’s lightweight source-code editor, ...

In April 2026, Microsoft is blocking old kernel drivers in Windows, closing a vulnerability that's been exploited for years.

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar infostealer.

The popular JavaScript HTTP client Axios has been compromised in a supply chain attack, exposing projects to malware through ...

Malicious Visual Studio Code extensions were discovered on the VSCode marketplace that download heavily obfuscated PowerShell payloads to target developers and cryptocurrency projects in supply chain ...

Malicious code continues to be uploaded to open source repositories, making it a challenge for responsible developers to trust what’s there, and for CISOs to trust applications that include open ...