PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and supercharge your workflow.
North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
Huntress researchers uncover campaign exploiting vulnerabilities to steal data using Elastic Cloud as a data hub ...
Threat groups are weaponizing industrial control access they’ve gained over the years, but critical infrastructure operators ...
Researchers uncover APT28-linked phishing attacks against Ukrainian targets deploying BadPaw loader and MeowMeow backdoor for ...
Introduction: In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...
A fake company bought a valid EV certificate, signed malware, and helped criminals keep remote access to enterprise PCs.
The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking ...
Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...