North Korean-linked campaign publishes 26 malicious npm packages hiding C2 in Pastebin, deploying credential stealers & RAT ...

PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and supercharge your workflow.

The malware can remain undetected on a system until a threat actor initiates a connection with the compromised device, a CISA ...

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

Anthropic fixed the flaws - but the AI-enabled attack surfaces remain Security vulnerabilities in Claude Code could have allowed attackers to remotely execute code on users' machines and steal API ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Oasis Security, the identity security platform, today released new threat research exploring a vulnerability chain in ...

While the Windows maker did not attribute the activity to a specific threat actor, the use of VS Code tasks and Vercel ...

If you’ve ever done Linux memory forensics, you know the frustration: without debug symbols that match the exact kernel version, you’re stuck. These symbols aren’t typically installed on production ...

Safe coding is a collection of software design practices and patterns that allow for cost-effectively achieving a high degree ...

Discover OpenFang, the Rust-based Agent Operating System that redefines autonomous AI. Learn how its sandboxed architecture, pre-built "Hands," and security-first design outperform traditional Python ...