Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Arctic Wolf says Anubis affiliates abused RMM tools, VPN logins, RDP, PsExec, and cloud-transfer tools before ransomware ...
Zluda is back to a hobby, as the open-source project has lost commercial funding with version 6 but added early 32-bit PhysX ...
A Connecticut man faces up to 10 years in prison for allegedly selling Windows 2000 and Windows NT source code stolen from a ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
We installed WSL Containers on Windows 11, built a custom container from scratch, tested it, and checked what still needs ...
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...