A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

On March 31, 2026, the popular HTTP client Axios experienced a supply chain attack, causing two newly published npm packages ...

Hackers hijacked the npm account of the Axios package, a JavaScript HTTP client with 100M+ weekly downloads, to deliver ...

Wondering if Linux has AI companions that are as accessible, capable, and easy to use as Microsoft Copilot? Try these AI alternatives for Linux.

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.

For an OS that's over 40 years old, Windows has never felt more unpolished than it does now. Microsoft has continued in its endeavor to push the vision of a streamlined, minimalist and modern ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

STATEN ISLAND, N.Y. — More than 60 young women sat in a courtroom in Richmond County Supreme Court in St. George on Friday, waiting to see a judge. They weren’t there to face charges; instead, they ...

A critical supply chain attack has compromised the popular JavaScript library axios, leading to developers unknowingly ...

Axios 1.14.1 and 0.30.4 injected malicious [email protected] after npm compromise on March 31, 2026, deploying ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...