PowMix targets Czech workforce since Dec 2025 using jittered C2 and ZIP phishing, enabling stealthy remote access and ...

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

Microsoft is dropping MSI installers in PowerShell 7.7, shifting to MSIX as the default for better reliability, updates, and ...

A new malware family named 'AgingFly' has been identified in attacks against local governments and hospitals that steal ...

A North Korea-nexus threat actor compromised the widely used axios npm package, delivering a cross-platform remote access trojan to potentially millions of developer environments during a three-hour ...

STX RAT, a newly identified remote access trojan, attempted deployment in finance, showing advanced C2 and stealthy delivery ...

The CPU-Z And HWMonitor installers being compromised is notable because a user could do everything correctly and still get pwned.

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Microsoft’s CA-2023 Secure Boot update broke PCs. Learn why UEFI firmware failed, how vendors reacted, and how to fix your boot issues.

This week, German police unmasked a REvil leader, a critical Docker flaw, Medusa ransomware surged, DPRK hackers abused ...

The Medusa ransomware group is operating at a fast pace by leveraging zero-days and quickly exploiting new bugs and breached ...

Attackers are exploiting trust in Adobe’s brand to deliver covert remote access, using a fake Acrobat Reader download page to install ConnectWise ScreenConnect through a fileless, memory-heavy attack ...