Cybersecurity researchers have discovered a malicious npm package that masquerades as an OpenClaw installer to deploy a remote access trojan (RAT) and steal sensitive data from compromised hosts. The package,… Read More »Malicious npm Package Posing as OpenClaw Installer Deploys RAT, Steals macOS Credentials
Scaling cybersecurity services as an MSP or MSSP requires technical expertise and a business model that delivers measurable value at scale. Risk-based cybersecurity is the foundation of that model. When… Read More »The MSP Guide to Using AI-Powered Risk Management to Scale Cybersecurity
The North Korean threat actor known as UNC4899 is suspected to be behind a sophisticated cloud compromise campaign targeting a cryptocurrency organization in 2025 to steal millions of dollars in… Read More »UNC4899 Breached Crypto Firm After Developer AirDropped Trojanized File to Work Device
Another week in cybersecurity. Another week of “you’ve got to be kidding me.” Attackers were busy. Defenders were busy. And somewhere in the middle, a whole lot of people had… Read More »⚡ Weekly Recap: Qualcomm 0-Day, iOS Exploit Chains, AirSnitch Attack & Vibe-Coded Malware
Mid-market organizations are constantly striving to achieve security levels on a par with their enterprise peers. With heightened awareness of supply chain attacks, your customers and business partners are defining… Read More »Can the Security Platform Finally Deliver for the Mid-Market?
Two Google Chrome extensions have turned malicious after what appears to be a case of ownership transfer, offering attackers a way to push malware to downstream customers, inject arbitrary code,… Read More »Chrome Extension Turns Malicious After Ownership Transfer, Enabling Code Injection and Data Theft
High-value organizations located in South, Southeast, and East Asia have been targeted by a Chinese threat actor as part of a years-long campaign. The activity, which has targeted aviation, energy,… Read More »Web Server Exploits and Mimikatz Used in Attacks Targeting Asian Critical Infrastructure
OpenAI on Friday began rolling out Codex Security, an artificial intelligence (AI)-powered security agent that’s designed to find, validate, and propose fixes for vulnerabilities. The feature is available in a… Read More »OpenAI Codex Security Scanned 1.2 Million Commits and Found 10,561 High-Severity Issues
Anthropic on Friday said it discovered 22 new security vulnerabilities in the Firefox web browser as part of a security partnership with Mozilla. Of these, 14 have been classified as… Read More »Anthropic Finds 22 Firefox Vulnerabilities Using Claude Opus 4.6 AI Model
Cybersecurity researchers have disclosed details of a multi-stage malware campaign that uses batch scripts as a pathway to deliver various encrypted remote access trojan (RATs) payloads that correspond to XWorm,… Read More »Multi-Stage VOID#GEIST Malware Delivering XWorm, AsyncRAT, and Xeno RAT