Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks down four myths behind ATT&CK coverage claims and offers a more useful ...

Clickfix attacks surged 500% in early 2025. Cybercriminals now use AI in BEC scams. AI is making phishing harder to detect. Cybercriminals are shifting their techniques to focus on the human element, ...

Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a ...

A threat campaign against human resource (HR) departments has recently been launched. What seems like a decent resume actually is malicious software that kills security defenses, including antivirus ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

A handful of scripts can eliminate a lot of work.

Apple’s $599 MacBook Neo is generating hype, but it won’t kill Windows laptops. Here’s why budget Windows PCs will remain ...

Microsoft Copilot app for Windows can now sync passwords as the AI gains a built-in browser sidepane for opening links inside ...