This simple script tamed my Downloads folder.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a component dubbed BlackSanta that can shut down antivirus and EDR ...

A handful of scripts can eliminate a lot of work.

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...