Activate subscription >
Add devices or upgrade >
Renew subscription >
Secure Hub >
Don’t have an account? Sign up >
< Products
< Resources
< Help
An attempt to drop two RATs on a system used an uncanny assortment of legitimate Windows tools.
Researchers showed how prompt injection hidden in a calendar invite can bypass privacy controls and turn an AI assistant into a data-leaking accomplice.
A fake ad blocker crashes your browser, then uses ClickFix tricks to make you run the malware yourself.
Researchers found more sleeper browser extensions that spy on users and install backdoors, this time targeting Firefox users as well.
Researchers demonstrated WhisperPair, a set of attacks that can take control of many widely used Bluetooth earbuds and headphones without user interaction.
Researchers uncovered a way to steal data from Microsoft Copilot users with a single malicious link.
Fake LinkedIn comments warning of account restrictions are designed to trick users into revealing their login details.
A Magecart campaign is skimming card data from online checkouts tied to major payment networks, including AmEx, Diners Club, and Mastercard.
Apple has confirmed active exploitation, but full protections are limited to iPhones running iOS 26+ (yes, the one with Liquid Glass).
Contributors
Threat Center
Podcast
Glossary
Scams
