Malwarebytes recently uncovered a new malicious campaign targeting the Windows Update service. Focused on French-speaking users, the campaign uses layered obfuscation techniques to deliver multiple ...

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...

Adobe has released a fix for an Acrobat and Reader zero-day that attackers had been exploiting for months. The patch, shipped on April 11, addresses CVE-2026-34621, a critical vulnerability in Acrobat ...

Researcher Haifei Li, founder of the exploit detection platform EXPMON, discovered a sophisticated attack that uses PDF files to spy on and potentially ...

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Hackers have been quietly exploiting what appears to be a zero-day in Adobe Acrobat Reader for months, using booby-trapped PDFs to profile targets and decide who's worth fully compromising.

Players should take "appropriate security measures to ensure their system is safe. Simply uninstalling the mods is not ...

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...

Google links Axios npm supply chain attack to UNC1069 after trojanized versions 1.14.1 and 0.30.4 spread WAVESHAPER.V2, impacting multiple OS.

DeepLoad exploits ClickFix and WMI persistence to steal credentials, enabling stealth reinfection after three days.

Morey J. Haber, Chief Security Advisor at BeyondTrust, is an identity and technical evangelist with over 25 years of IT industry experience. We often prepare for threats that are visible, and ...