Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of ...

Open VSX supply chain attack hijacked VS Code extensions delivered GlassWorm malware stealing macOS, crypto, and developer ...

Notepad++'s updater usually pops up, but users can also prompt it by selecting the "?" dropdown in the taskbar. Christopher ...

A compromised Open VSX publisher account was used to distribute malicious extensions in a new GlassWorm supply chain attack.

State-backed attackers hijacked Notepad++ update traffic via a hosting provider breach, redirecting users to malicious ...

Rapid7 dropped a write-up on the Notepad++ update-chain abuse and - finally - it comes with real IOCs - update.exe downloaded ...

The Chinese espionage threat group Mustang Panda has updated its CoolClient backdoor to a new variant that can steal login ...

Notepad++ is a favorite of programmers and other power users, but its auto-update function was compromised for months in 2025 ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

A new Android malware campaign is using the Hugging Face platform as a repository for thousands of variations of an APK ...

Kim Komando reveals why AI-generated malware is beating free antivirus software, the dark web marketplace selling viruses for $100/month and the symptoms that mean your computer is already infected.

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...