BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

The most widely adopted computer language in history, COBOL is now causing a host of problems. It's also dangerously difficult to remove.

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack ...

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

ESET researchers have traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where a keylogger ...

The malware is described as an 'EDR killer', stopping security solutions and suppressing notifications.

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

An OAuth feature is being abused in the wild to drop malware to people's computers.