I'd like to thank my co-author, Martin Zugec, for his valuable contributions to this report. This intrusion adds three dimensions to the public understanding of Chinese APT activity in contested ...
Games on unsupported mappers won't run. PS5 console (any firmware, tested up to 13.00) LuaC0re set up and working Star Wars Racer Revenge — US (CUSA03474) or EU (CUSA03492) If you're on latest FW you ...
Using Windows shortcut files, the APT deployed a new implant, a loader, a propagation tool, and two backdoors. A North Korea-linked threat actor tracked as APT37 has been observed using five new ...
The North Korean threat actor known as ScarCruft has been attributed to a fresh set of tools, including a backdoor that uses Zoho WorkDrive for command-and-control (C2) communications to fetch more ...
IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
An attack called FileFix is masquerading as a Facebook security alert before ultimately dropping the widely used StealC infostealer and malware downloader on Windows machines. ClickFix typically asks ...
ms17_vuln_status.cpp - This program sends 4 SMB packets. 1 negotiation, 1 session setup, 1 tree connect and 1 TransNamedPipe request. This program then reads the NT_STATUS response from the ...
A previously unknown Chinese hacking group known as 'Space Pirates' targets enterprises in the Russian aerospace industry with phishing emails to install novel malware on their systems. The threat ...