New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.
ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions.
The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...
Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026. The fileless credential stealer targets AI API keys, crypto wallets, and ...
Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...
Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...
ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...
Three recent Apple moves in spatial computing, privacy and low-cost Macs show how it keeps turning apparently limited decisions into long-term strategic advantages. No matter the age of your Windows ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results