Threat Research

    In March 2026, Anthropic accidentally exposed the full source code of its Claude Code AI agent through a misconfigured npm package that included a large JavaScript source map file. The leak revealed hundreds of thousands of lines of unobfuscated code, exposing internal architecture, agent orchestration logic, and security-related components....
    UNC5142 is a financially motivated threat actor known for distributing infostealers such as ATOMIC, VIDAR, LUMMAC.V2, and RADTHIEF using a technique called EtherHiding, which involves storing malicious code within smart contracts on the BNB Smart Chain to evade traditional detection methods....
    Our team uncovered a malicious website impersonating Disney+, used to deliver the Vidar infostealer malware. The site posed as an influencer collaboration portal, luring users into executing malware hosted on a WebDAV server....
    Our researchers recently identified AI-themed websites being used to distribute malware. Threat actors are leveraging the popularity of tools like ChatGPT and Luma AI to lure users. These malicious sites, often built on WordPress, are optimized to rank in search engines and attract traffic....
    A new social engineering campaign leverages TikTok to spread Vidar and StealC stealers via videos instructing users to run disguised PowerShell commands. Some clips, possibly AI-generated, have reached over 500,000 views, increasing the threat’s exposure. This can lead to credential theft and system compromise for businesses....