New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI accelerates malware development.

This simple script tamed my Downloads folder.

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

"Living Off the Land" attacks use built-in tools and processes instead of traditional malware.

A modern Task Scheduler for Windows 11 exists now, and honestly Microsoft should be embarrassed. Plus, it's free.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts.

After several years of using simple implants, the Russia-affiliated threat actor is back with two new sophisticated malware tools.