A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia ...

North Korean group Konni uses AI-assisted PowerShell malware and phishing via Google ads and Discord to breach blockchain ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

An operational security failure allowed researchers to recover data that the INC ransomware gang stole from a dozen U.S.

Prompt injection for the win Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to remotely execute malicious code or overwrite ...

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

A malvertising campaign is using a fake ad-blocking Chrome and Edge extension named NexShield that intentionally crashes the ...

Launch multiple apps at once, clear temporary files, and more.

ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.

Moltbot’s viral open-source AI assistant wowed users with automation power but sparked major security, privacy, and misuse concerns.