In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency ...
One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices belonging to sensitive organizations in Ukraine, the latter country’s CERT ...
A likely AI-generated PowerShell script mapped Active Directory after an attacker gained RDP access to a Windows Server with ...
The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
A threat actor has been caught using AI-generated malware in a real network intrusion, deploying a PowerShell script that an ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to ...
This useful unofficial Windows 11 app has received a significant upgrade, delivering faster performance and smoother ...
Microsoft Patch Tuesday July 2026 delivers 622 CVEs, the largest release in company history, with two exploited zero-days in ...
A newly identified destructive Windows backdoor combines ransomware-like encryption with multiple data-wiping features, ...