CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable ...

Cybersecurity investigators have identified a new cyberattack campaign connected to the Russia-linked hacking group APT28, ...

APT28 exploited a Microsoft Office flaw to deliver MiniDoor and Covenant Grunt malware in targeted attacks across Ukraine and Eastern Europe.

Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called ...

China-linked Mustang Panda used updated COOLCLIENT malware in 2025 espionage to steal data from government and telecom ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...

The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency, and Canadian Centre for Cyber Security have released an update to the Malware Analysis Report BRICKSTORM Backdoor ...

We’ve recently seen how ChatGPT was used to trick Mac users into installing MacStealer, and now a different tactic has been found to persuade users to install a version of MacSync Stealer. The Mac ...

We are either at the dawn of AI-driven malware that rewrites itself on the fly, or we are seeing vendors and threat actors exaggerate its capabilities. Recent Google and MIT Sloan reports reignited ...