The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

As users (and detection tools) have gotten better at identifying the signs of a malware infection and savvy enough to avoid them in the first place, some cybercriminals have changed tactics.

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.

How to check your Windows PC for expiring security certificates - a big one is ending soon ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

A new twist on the long-running ClickFix scam is now tricking Windows users into launching Windows Terminal and pasting ...

Overview Iranian‑aligned cyber actors pose an elevated near‑term risk due to their history of espionage, credential theft, disruptive attacks, and high‑visibility “hacktivist” and disinformation ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Microsoft uncovers OAuth phishing campaigns that abuse login redirects to deliver malware and steal credentials.