The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
Montgomery County police are warning against hidden malware in fake game mods. Montgomery County police say cybercriminals ...
Researchers have found a never-before-seen piece of macOS malware that combines a series of clever tradecraft to infect Macs ...
A previously undocumented Windows backdoor is silently running inside corporate networks across the insurance, education, IT, and professional services sectors — and your endpoint security software is ...
A threat actor is targeting banks and other high-value organizations in a phishing campaign to deliver Phantom Stealer, a credential and session-stealing malware designed to evade conventional ...
Phantom Stealer phishing targets banks with fileless malware and in-memory Windows process injection. The infostealer harvests credentials, cookies, financial data, screenshots, and cryptocurrency ...
Fake Claude Code install sites are pushing malware that steals API keys, developer credentials, crypto wallets, and other sensitive data. Developers searching for Claude Code installation instructions ...
Researchers found a Linux malware called QLNX that combines P2P networking, rootkits, PAM backdoors, and fileless execution to persist and evade takedowns. Attackers have found a new way to turn Linux ...
BlueNoroff hackers used fake Zoom calls, ClickFix prompts, and fileless PowerShell malware to steal credentials from Web3 and crypto targets. A fake meeting invite is all it can take to turn a routine ...
Researchers have finally cracked Fast16, mysterious code capable of silently tampering with calculation and simulation software. It was created in 2005—and likely deployed by the US or an ally. Vitaly ...
ESET researchers have discovered a previously undocumented China-aligned APT group that we named GopherWhisper. The group wields a wide array of tools mostly written in Go, using injectors and loaders ...
One group of hackers used AI for everything from vibe coding their malware to creating fake company websites—and stole as much as $12 million in three months. On Wednesday, cybersecurity firm Expel ...