A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say ...

Attackers are increasingly abusing Microsoft’s legacy MSHTA utility to silently deliver malware, stealers, and persistent ...

I started this as a side project, but my Windows Command Center suddenly became useful.

OpenAI has published a technical explanation of its Windows sandbox for Codex, detailing a stricter local setup for the coding agent on developer PCs. Codex can still read broadly across a system, ...

Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused ...

2026年5月初，全球数百万用户信赖的知名开源下载管理器 JDownloader 遭遇严重供应链攻击。攻击者暗中入侵了官方网站 jdownloader.org，将正版安装程序下载链接替换为携带全功能 Python ...

Security researchers have uncovered covert infostealer malware hidden in one of the top-ranking repositories on Hugging Face, ...

Windows 端投递的是经过混淆的 Python RAT；Linux 端则通过被污染的 shell 安装脚本落地 SUID-root 后门，并以 upowerd 名义伪装驻留 ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...