Simplified notifications, pushed with a single curl command.

The Microsoft Defender Security Research Team uncovered a sophisticated macOS intrusion campaign attributed to the North ...

North Korean criminals set on stealing Apple users' credentials and cryptocurrency are using a combination of social ...

North Korea's Sapphire Sleet uses fake job offers and phony Zoom updates to deliver ClickFix attacks that steal credentials ...

A MacOS-focused social engineering campaign orchestrated by North Korea-based threat actor Sapphire Sleet has been exposed by ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Earlier this year, I wrote about dogs with an unusual talent. Although many dogs can master basic commands, these animals had ...

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

Cookie-gated PHP webshells use obfuscation, php-fpm execution, and cron-based persistence to evade detection in Linux hosting environments. This post examines how this tradecraft conceals execution ...

The maintainers of the popular Axios HTTP client have published a detailed post-mortem describing how one of its developers ...

Hackers infiltrated Axios maintainers using fake Slack channels and Teams calls, then published infected packages.

Jamf finds a ClickFix variant that swaps copy-paste Terminal lures for Script Editor execution, tightening delivery of Atomic ...