What happens when you fine‑tune Windows 11 with Sophia Script? A lot.

Windows 11 feeling bloated? Sophia Script lets you reshape the OS from the inside out. Here's how it works.

OAuth phishers make ‘check where the link points’ advice ineffective

Microsoft has identified a phishing campaign using malformed links to legitimate OAuth services to redirect to malware ...

Microsoft: Hackers abuse OAuth error flows to spread malware

Hackers are abusing the legitimate OAuth redirection mechanism to bypass phishing protections in email and browsers to take ...
Microsoft

Signed malware impersonating workplace apps deploys RMM backdoors

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
SecurityWeek

North Korean APT Targets Air-Gapped Systems in Recent Campaign

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

Microsoft warns of OAuth phishing campaigns able to bypass email and browser defenses

An OAuth feature is being abused in the wild to drop malware to people's computers.
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

Phish of the day: Microsoft OAuth scams abuse redirects for malware delivery

Crims hope for payday from malicious payloads rather than stealing access tokens Microsoft has warned organizations about ...

Microsoft Delivers New Windows 11 Insider Builds With Security, UX Tweaks

Microsoft rolls out Windows 11 Insider builds featuring a built-in network speed test, Emoji 16.0, shared audio controls, and stronger batch file security.
The Hacker News

Trojanized Gaming Tools Spread Java-Based RAT via Browser and Chat Platforms

Trojanized gaming tools and new Windows RATs like Steaelite enable data theft, ransomware, and persistent remote control.
Cyber Defense Magazine

The New AI Arsenal: Why LLMs and Transformers Matter for CISOs

As Chief Information Security Officers (CISOs) and security leaders, you are tasked with safeguarding your organization in an ...