Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks down four myths behind ATT&CK coverage claims and offers a more useful ...

Clickfix attacks surged 500% in early 2025. Cybercriminals now use AI in BEC scams. AI is making phishing harder to detect. Cybercriminals are shifting their techniques to focus on the human element, ...

A threat campaign against human resource (HR) departments has recently been launched. What seems like a decent resume actually is malicious software that kills security defenses, including antivirus ...

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

If you use a company credit card as either an employee or small business owner, the way you use it could affect your personal credit score. The degree of its impact depends largely on what type of ...

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...

Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a ...