Threats

The new CrystalX remote access Trojan looks like the prank viruses of the 90s on the surface, but it causes a lot more damage. It spies on all that’s happening on your computer, steals cryptocurrency and accounts, and gives the attacker full control over your device. We break down how it works, and how to avoid becoming a victim.

Spammers have figured out how to hide links to fraudulent sites within surveys created on legitimate platforms. We’re breaking down the ruse and sharing tips on how to avoid falling for it.

Intellexa’s Predator spyware can hide camera and microphone usage indicators on iOS devices. Here’s a look at how it pulls it off.

We break down how AI assistant hallucinations can turn lethal, and explain the fundamental principles you need to follow to avoid becoming an accidental casualty of progress.

We break down the BeatBanker trojan attack, which combines espionage, crypto theft, and mining with inventive ways to dig its heels into a smartphone.

A browser-in-the-browser attack, theoretically described in 2022, has been adopted in real-world phishing. We break down how it works, and how to spot a fake authentication window.

Why do we have a love-hate relationship with dating apps, and what are they doing to our brains? Can an emoji start a war? Is marrying an AI actually a thing? We’re exploring how modern tech is redefining love and our very ideas of it.

We’re breaking down how to protect yourself from fake streams, counterfeit tickets, and non-existent merch — and how to keep your personal and financial data from being snatched during the 2026 Winter Olympic Games.

We’re diving into the most intriguing and sophisticated phishing and spam schemes intercepted by our experts throughout 2025.

Today we’re diving into the OpenClaw AI agent — formerly known as “Clawdbot” and then “Moltbot” — to prove once again that secure AI is still a long way off.

Children’s AI toys have been caught discussing drugs and sex with kids. We break down the results of a study that reveals exactly how these smart (too smart!) toys are blowing up past boundaries.

NFC relay attacks, pre-installed Trojans, and other nasties ruining the Android experience in 2026.

Breaking down the WhisperPair attack, which allows victims to be tracked via ordinary Bluetooth headphones.

How criminals exploit the familiar “tap your phone to pay” feature to steal your money.

We’ve identified a new infostealer named Stealka, which masquerades as pirated software and game mods. It targets data stored inside browsers, locally installed applications, and crypto wallets.

We break down a new scam that leverages Telegram Mini Apps, and explain how to avoid taking the bait.

We follow the trail of a phishing attack to break down, step-by-step, what happens to the data stolen from users.

From karaoke rooms to gynecology clinics — these are just some of the tens of thousands of locations where compromised IP cameras were discovered in South Korea. Here’s how to avoid unwittingly starring in steamy videos you didn’t authorize.

A new wave of ClickFix attacks spreading a macOS infostealer are posting malicious user guides on the official ChatGPT website by piggybacking the chatbot’s chat-sharing feature.

The Whisper Leak attack allows its perpetrator to guess the topic of your conversation with an AI assistant — without decrypting the traffic. We explore how this is possible, and what you can do to protect your AI chats.

How researchers hacked DeckMate 2 card shufflers, and how the mafia exploited those very vulnerabilities to cheat at poker.