VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

Malicious npm package '@openclaw-ai/openclawai' downloaded 178 times installs GhostLoader RAT, stealing credentials and crypto wallets.

Unlike previous Wi-Fi attacks, AirSnitch exploits core features in Layers 1 and 2 and the failure to bind and synchronize a ...

A certificate failure is rarely ever “just a certificate issue.” On the surface, it may seem mundane: You discover that a certificate has expired, and you replace it. But in modern digital ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Stop struggling with complex VPNs and risky port forwarding. Netbird gives you instant, secure remote access to your self-hosted apps in minutes.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

In our incident analysis, we examined more than 30,000 attacker dumps and tied the exposed secrets to 1,195 organizations worldwide, including banks, government bodies and large technology companies.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Bomb threats are mostly ‘pranks’ but their impact runs deeper than disrupted classes and postponed exams. They hurt ...

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...