ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...

Claude’s rapid growth—nearly 290 million web visits per month—has made it an attractive target for attackers, and this campaign shows how easy it is to fall for a fake site. We discovered a fake ...

Windows Script Host provides scripting abilities like batch files but includes many more features. It can be used manually by a user as well as created by the operating system to automate the flow of ...

The attack chain relies on delayed execution, trusted Windows utilities, and legitimate hosting services to maintain persistence and evade detection. Microsoft is warning WhatsApp users of a new ...

On March 31, 2026, two new npm packages for updated versions of Axios, a popular HTTP client for JavaScript that simplifies making HTTP requests to a REST endpoint with over 70 million weekly ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware. The ...

A campaign known as Shadow#Reactor uses text-only files to deliver a Remcos remote access Trojan (RAT) to compromise victims, as opposed to a typical binary. Researchers with security vendor Securonix ...

Cybersecurity researchers have disclosed details of a new campaign dubbed SHADOW#REACTOR that employs an evasive multi-stage attack chain to deliver a commercially available remote administration tool ...

Here's what those enrolled in the Windows 10 Extended Security Updates program need to know about each monthly security ...