In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
A likely AI-generated PowerShell script mapped Active Directory after an attacker gained RDP access to a Windows Server with ...
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
A threat actor has been caught using AI-generated malware in a real network intrusion, deploying a PowerShell script that an ...
The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
Microsoft and OEMs fixed key Secure Boot certificate issues for IT admins at a live office hours event, covering BIOS updates ...
A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency ...
One of the Russian government’s most elite hacking groups has adopted an attack, known as Clickfix, to compromise devices ...
A Russian-speaking threat actor known as "bandcampro" used Google's open-source Gemini CLI AI tool as a hacking agent and to ...
A newly identified destructive Windows backdoor combines ransomware-like encryption with multiple data-wiping features, ...