JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

In addition to the Custom Provider Framework, the latest version of Parallels RAS introduces expanded platform integrations, enhanced security controls, and user experience improvements designed that ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

At Microsoft Build in June 2026, Microsoft unveiled its most powerful desktop PC yet: the Surface RTX Spark Dev Box. It is a compact, small-form-factor desktop PC that is built specifically for ...

John Hammond is a Security Researcher at Huntress as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former Department of Defense Cyber Training Academy ...

Cato Networks tracked Poisson using OpenSSH and Tailscale to maintain access after Havoc C2 outage in a 33-day intrusion.

CI/CD pipelines are optimized for code deployments. Long-running operational processes and self-service workflows can be ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

Windows PowerShell is a powerful terminal from Microsoft which allows you to automate and script tasks on Windows machines and interact with many of the applications available on them. It is a huge ...

The Microsoft Authentication Library for Python enables applications to integrate with the Microsoft identity platform. It allows you to sign in users or apps with Microsoft identities (Microsoft ...