Researchers say the campaign uses a browser-based JavaScript VM to hide credential theft and intercept MFA at scale.

The Tycoon2FA phishing kit now supports device-code phishing attacks and abuses Trustifi click-tracking URLs to hijack ...

Hundreds of npm packages infected by the self-propagating, credential-stealing worm from TeamPCP are related to the open ...

Attackers performed an email takeover attack on a dormant maintainer account and published new node-ipc versions containing ...

Copycat hackers are competing to win $1,000 for the largest supply chain attack using Shai-Hulud, an open-sourced worm that has brought down a few major open-source projects. Malicious NPM packages ...

A critical security vulnerability impacting the Funnel Builder plugin for WordPress has come under active exploitation in the wild to inject malicious JavaScript code into WooCommerce checkout pages ...

The Shai-Hulud malware leaked last week is now used in new attacks on the Node Package Manager (npm) index, as infected ...

A fake Claude code installer can successfully exfiltrate decrypted cookies, passwords and payment methods from Chromium ...

After the latest Heroes World codes? This long-running Roblox game has recently burst back to life with a huge new update, leading to an influx of new players and returning diehards. If you’re hopping ...

14th May 2026: We added new Type Soul codes. Type Soul is a Roblox game based on the popular anime series Bleach. The experience originally launched around the time that Part 2 of the Thousand Year ...

May 17, 2026: We're on the hunt for new Marvel Rivals codes to mark the release of Devil Dinosaur. He's a cutie. Like many free multiplayer games these days, Marvel Rivals codes let you unlock ...

31st October 2025: We added new Gym League codes. Gym League is a Roblox game set in an outdoor gym at a beach. You’ll create your own character, train with a variety of machines and weights, and work ...