A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

ClickFix campaigns have adapted to the latest defenses with a new technique to trick users into infecting their own machines with malware.

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...

Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.

Catch up with this week's Microsoft Weekly news recap about a shakeup at the company's gaming division, some changes to the ...

Microsoft is rolling out native Sysmon support in Windows 11 Insider builds, giving security teams built-in system monitoring with optional activation.

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update ...

CRESCENTHARVEST uses protest lures and malicious LNK files to deploy RAT malware targeting Iran protest supporters for espionage and data theft.

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...