Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other ...

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026.

A threat actor tracked as DriveSurge has been operating large-scale malware distribution campaigns using ClickFix and ...

Hackers exploited a critical zero-day vulnerability in a server running the KnowledgeDeliver learning management system (LMS) to deploy the Godzilla web shell.

Luvme Hair today announced the release of its 2026 Natural Everyday Wig Guide, a new online resource designed to help shoppers choose ...

Contributing editor Lew Migliore reports on adhesive issues, including different types of adhesives, the importance of selecting the right adhesive for the job and flooring product, common mistakes, ...

The malware employs ecosystem-specific techniques for execution. On npm, many packages use post-install hooks to deploy a comprehensive JavaScript payload ...

Malicious packages across npm, PyPI, and Crates.io show how poisoned developer workflows can become a route into enterprise systems.

A coordinated malware campaign known as TrapDoor has hit software ecosystems widely used by crypto and blockchain developers.

Developer platform Socket says a malware called TrapDoor is targeting crypto and AI developers across npm, PyPI and Crates, aiming to steal crypto wallet info and browser data.

Contributing editor Lisbeth Calandrino writes about the most effective techniques for getting customers off the fence and turning them into buyers.

CVE-2026-5426 enabled KnowledgeDeliver LMS attacks before February 24, 2026, leading to Cobalt Strike infections.