A threat actor targeted low-skilled hackers, known as ‘script kiddies’ with a fake malware builder that secretly infected them with a backdoor to st ...

August 2025 campaigns deliver kkRAT and Gh0st RAT variants via SEO poisoning, disabling antivirus to hijack crypto wallets.

HP Wolf has reported the use of multiple, uncommon binaries and novel uses of legitimate image files in recent malicious ...

Windows Script Host provides scripting abilities like batch files but includes many more features. It can be used manually by a user as well as created by the operating system to automate the flow of ...

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

Mohammedia – A new malware strain named ModStealer has emerged, posing a significant threat to cryptocurrency users. This ...

Is your Windows computer running slow, or is it infected? You can probably download an antivirus and start scanning for malware or any other clean-up tool. But what ...

ScarCruft’s Operation HanKook Phantom uses RokRAT malware in spear-phishing campaigns, targeting South Korean academics for ...

A threat actor named WhiteCobra has targeting VSCode, Cursor, and Windsurf users by planting 24 malicious extensions in the ...

A sophisticated cyber‐espionage operation is exploiting Windows shortcut files disguised alongside seemingly genuine PDF newsletters to surreptiti ...

ESET researchers have identified a new threat actor targeting Windows servers with a passive C++ backdoor and a malicious IIS ...

Cybersecurity researchers have discovered NotDoor, a new cyber-espionage tool linked to the Russian state-sponsored hacking ...