DNS testing is wonderful, but it can be a confusing mess.
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
A fileless malware framework is abusing Google’s Blogspot platform to deliver PureLog Stealer directly into computer memory, sharpening concerns that trusted web services are being turned into staging ...
A variant of the PureLogs infostealer malware has been distributed through purchase-order-themed phishing emails that use a malicious JavaScript file to launch a multi-stage infection chain on Windows ...
A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...
Have you ever been given an application and instructed to run it on various computers and systems, only to realize that it wasn’t built for multiple hosts? After all, some apps are designed to be ...
Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and ...
Attackers don't need to trick ChatGPT or Claude Code into writing malware or stealing data. There's a whole class of LLMs built especially for the job. One of these, WormGPT 4, advertises itself as ...
In February 2025, we discovered that the Gamaredon tool PteroGraphin was used to restart Turla’s Kazuar backdoor on a machine in Ukraine. In April and June 2025, we detected that Kazuar v2 was ...
The long-running Vidar infostealer has evolved with new obfuscation techniques. That is according to researchers at cybersecurity vendor Aryaka, which published research last week dedicated to a fresh ...
A new malware campaign is distributing a novel Rust-based information stealer dubbed EDDIESTEALER using the popular ClickFix social engineering tactic initiated via fake CAPTCHA verification pages.