Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.
Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks down four myths behind ATT&CK coverage claims and offers a more useful ...
ClickFix attacks surged 500% in early 2025. Cybercriminals now use AI in BEC scams. AI is making phishing harder to detect. Cybercriminals are shifting their techniques to focus on the human element, ...
Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a ...
A threat campaign against human resources (HR) departments has recently been launched. What seems like a decent resume is actually malicious software that kills security defenses, including antivirus ...
New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.
Semantic versioning gives PowerShell script changes clear meaning so you can evolve scripts quickly without letting updates devolve into chaos.
A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...
PCWorld reports that Microsoft Edge is developing a new feature allowing Windows users to create and remove desktop shortcuts for individual browser profiles. This Windows-exclusive functionality will ...
ChatGPT Atlas update adds multiple account sign-in using browser profiles, helping users separate personal, work, and school activity while browsing.