Signing code is a critical process for maintaining software integrity and developer trust. On a Windows-based system, Authenticode signing provides assurance after a program or driver has been posted ...

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

According to a new advisory by Forcepoint, the campaign relies on the continued effectiveness of Windows shortcut (.lnk) ...

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple ...

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.

Researchers at Huntress and Microsoft have shared findings from their analysis of a new SolarWinds Web Help Desk vulnerability.

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.