A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI accelerates malware development.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

NightBeaconAI is the threat analysis engine operating inside the Binary Defense SOC. It analyzes logs, alerts, files, emails, and command-line activity across multiple formats and produces ...

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...

Cybercriminals have compromised hundreds of websites – including regional news outlets and the website of a US Senate candidate – in a global malware operation new research has uncovered.

Sudo in Windows is a godsend.

Starting June 1, Microsoft will stop sending Teams meeting recording expiration emails. New settings let admins re-enable ...

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

The long-running Russian military hacking group tracked as Fancy Bear and APT28 has been wielding a new, "high-end custom arsenal" of custom ...

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

ESET researchers have traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where a keylogger named SlimAgent was deployed.During that operation, BeardShell, a second ...