ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...
The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...
The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.
ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.
Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.
Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
ESET researchers have traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where a keylogger ...
IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...
Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
Zscaler ThreatLabz assessed with medium to high confidence that an Iranian adversary targeted Iraq’s Ministry of Foreign Affairs in a new cyber-attack ...
After several years of using simple implants, the Russia-affiliated threat actor is back with two new sophisticated malware tools.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results