ThreatDown, the corporate business unit of Malwarebytes, today published research documenting what researchers believe to be the first documented case of attackers abusing the Deno JavaScript runtime ...

The Cybersecurity and Infrastructure Security Agency has ordered federal agencies to patch three critical iOS vulnerabilities that were exploited over a 10-month span in hacking campaigns conducted by ...

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks.

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

Abstract: Obfuscation modifies code structure to impede reverse engineering and is widely used to protect intellectual property and evade malware detection. However, existing deobfuscation techniques ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods. The C++-based threat, also ...

Abstract: Federated learning (FL) is a promising privacy-preserving distributed machine learning paradigm. However, data privacy leakage and Byzantine clients are common challenges in the FL ...