Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

A hacker jailbroke Claude to steal 150GB of Mexican government data in a month-long campaign. CrowdStrike's latest threat report shows it's part of a wider pattern — and maps four domains most ...

There are moments in the evolution of a nation when a single incident, seemingly isolated, exposes a deeper and more troubling ...

Linked to North Korean fake job-recruitment campaigns, the poisoned repositories are aimed at establishing persistent C2 ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Basso talks season three of The Night Agent, playing Peter Sutherland and what his years away from Hollywood taught him.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

SlowMist indicated that in a surge of interest surrounding open-source AI agent framework OpenClaw, its repository, ClawHub, has become hotspot.

Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question.