macOS ClickFix attacks deliver AppleScript stealers to snarf credentials, wallets

A ClickFix campaign targeting macOS users delivers an AppleScript-based infostealer that collects credentials and live ...

Fake Google Antigravity Installer Can Steal Accounts in Minutes

Fake Antigravity downloads are enabling fast account takeovers using hidden malware and stolen session cookies.
InfoWorld

Malicious pgserve, automagik developer tools found in npm registry

Fake packages aim to steal data, credentials, and secrets, and to infect every package created using them, in what could be ...
Infosecurity-magazine.com

New Cryptojacking Malware Targets Docker with Novel Mining Technique

A new cryptojacking malware campaign is targeting Docker environments using a novel mining technique, according to researchers from Darktrace and Cado Security Labs. The campaign demonstrates a trend ...

"ClickFix" attacks on macOS now also via Script Editor

An ongoing malware campaign is using Apple's Script Editor instead of the Terminal to inject the Atomic Stealer data thief onto Macs.

New WhatsApp malware campaign uses renamed Windows tools to evade detection

Microsoft warns users that multi-stage malware exploits trusted messaging apps to steal information and run hidden system commands ...
MUO on MSN

Yes, you can get malware just by visiting a website

It's not even your browser's fault.
TechRadar

Now that's different - hackers use miniature SVG images to try and hide credit card stealer

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. Security researchers recently found a credit card skimmer on almost a hundred compromised ...