China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.

Researchers uncover malware campaigns using cracked software and compromised YouTube videos to deliver CountLoader, ...

ESET researchers discovered a China-aligned APT group, LongNosedGoblin, which uses Group Policy to deploy cyberespionage ...

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.

Chinese APT Jewelbug infiltrated a Russian IT provider, dwelling undetected for five months Attackers used renamed Microsoft debugger to bypass defenses and exfiltrate data via Yandex Cloud Symantec ...

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...

If hacking on consumer hardware is about figuring out what it can do, and pushing it in directions that the manufacturer never dared to dream, then this is a very fine hack indeed. [Portasynthica3] ...

A state-sponsored threat actor has exploited two Cisco zero-day vulnerabilities in firewall devices to target the perimeter of government networks with two custom-built backdoors, in a global ...

BLACK HAT ASIA – Singapore – Windows fibers, little-known components of Windows OS, represent a largely undocumented code-execution pathway that exists exclusively in user mode — and is therefore ...

Between 2019 and December 2022, an extremely advanced iMessage vulnerability was in the wild that was eventually named “Operation Triangulation” by security researchers at Kasperksy who discovered it.