China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

Unlike traditional attacks that rely on exploits, this succeeds through social engineering combined with abuse of Windows' own security architecture.

Gaming on SteamOS has just been made much easier, thanks to a new Decky Loader plugin that fits multiple game libraries into one.

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...

The Steam Deck is basically a full-fledged mini PC, which means it can do a lot, from installing custom plugins to emulating ...

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...

A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia ...

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.

GootLoader malware operators use deceptive installers, malicious ISO files, and browser hijacking to deliver ransomware and info-stealers.

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

Within days of Microsoft patching a critical Office zero-day, the Russia-linked group “APT28” was already exploiting the flaw in a live campaign tracked as Operation Neusploit.

It has been cooking for a while.