AI-generated Slopoly malware used by Hive0163 in 2026 attacks maintained access for over a week, highlighting how AI ...

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

Unwitting victims are now being tricked into installing malware via Windows Terminal, but some experts say this is old news.

"Living Off the Land" attacks use built-in tools and processes instead of traditional malware.

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

China linked APT41 hackers deploy Silver Dragon campaign targeting organizations with malware and espionage tactics.

Windows 11 KB5079387 preview adds File Explorer improvements, display updates, and reliability fixes in builds 26100.8106 and 26200.8106.

Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...