A "coordinated developer-targeting campaign" is using malicious repositories disguised as legitimate Next.js projects and ...

Is that CAPTCHA you just encountered real? Find out how fake CAPTCHAs are installing hidden malware and how to stay safe.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK payload that collects credentials for popular financial and payment services.

Hugging Face is widely used by researchers and developers to host machine learning models, datasets, and tools. But researchers say attackers have found a way to exploit that trust. Cybersecurity ...

More than 230 malicious packages for the personal AI assistant OpenClaw (formerly known as Moltbot and ClawdBot) have been published in less than a week on the tool’s official registry and on GitHub.

For the fastest way to join Tom's Guide Club enter your email below. We'll send you a confirmation and sign you up to our newsletter to keep you updated on all the latest news. By submitting your ...

A malware framework that remained hidden for years has been discovered by security researchers at Cisco Talos. The researchers were hunting for samples of DarkNimbus, a backdoor linked to the ...

A new malicious campaign is spreading malware against people in Iran, likely including non-governmental organizations and individuals involved in documenting recent human rights abuses during the ...

Operation Dream Job is evolving once again, and now comes through malicious dependencies on bare-bones projects.

Security researchers found hundreds of malicious add-ons on ClawHub. Security researchers found hundreds of malicious add-ons on ClawHub. is a news writer who covers the streaming wars, consumer tech, ...