Malicious Packagist Laravel packages install a cross-platform RAT enabling remote shell access and system reconnaissance via ...

Overview On February 11, 2026, NSFOCUS CERT monitored Microsoft’s release of its February security update patches, addressing 59 security issues across widely used products such as Windows, Azure, ...

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

PowerShell can be an information technology (IT) admin’s best friend if they know how to use it properly. Created by Microsoft over a decade ago, this object-oriented automation engine allows IT ...

A fake company bought a valid EV certificate, signed malware, and helped criminals keep remote access to enterprise PCs.

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025–2026.

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Two tools that have recently landed, taken together, define what the next phase of AI agent competition looks like. On5, Anthropic released Remote Control for Claude Code — a feature that lets ...

When you peel back the covers to view what's going on beneath the surface, you'll find that GNOME 50 is actually a significant release; it just doesn't show it off. GNOME 50 is a ton of subtle changes ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.