"Living Off the Land" attacks use built-in tools and processes instead of traditional malware.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...

A precise approach to everyday Windows breakdowns.

Ransomware criminals exploited CVE-2026-20131, a maximum-severity bug in Cisco Secure Firewall Management Center software, as a zero-day vulnerability more than a month before Cisco patched the hole, ...

China-linked CL-STA-1087 targets Southeast Asian militaries since 2020 using AppleChris and MemFun for espionage and credential theft.

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a component dubbed BlackSanta that can shut down antivirus and EDR ...

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

This is the safest way to uninstall Edge and Bing from Windows 11.

State-backed cyber threat actors from non-combatant states are taking advantage of the Israeli-US war on Iran to fulfil their own goals, according to Proofpoint analysts.