ShadowPad malware is being delivered through an actively exploited WSUS vulnerability, granting attackers full system access.

MuddyWater targets critical infrastructure in Israel and Egypt, relying on custom malware, improved tactics, and a predictable playbook.

This blog is intended to share an in-depth analysis of a recent multi-stage attack attributed to the Water Gamayun advanced persistent threat group (APT). Drawing on telemetry, forensic reconstruction ...

Tomiris is using public-service C2 implants and new phishing chains to stealthily deploy multi-language malware across targeted government networks.

ESET researchers have discovered a network implant used by the China-aligned PlushDaemon APT group to perform ...

The first step defenders should take is to stop the ability of this malware to run, says the report. “The most effective way to mitigate ClickFix is by disabling the Windows Run box,” says Huntress, ...

Chinese state-sponsored threat actors are reportedly actively exploiting a vulnerability in the Microsoft Windows Server Update Services (WSUS), to spread malware, experts have warned.

It was gradually abandoned as modern authentication and user query systems became standard, but this decade-old threat has ...

Apple’s new Edge Light feature for macOS is already on Windows, thanks to Microsoft VP Scott Hanselman’s free Windows Edge ...

Microsoft has historically used small games and even screensavers to demonstrate notable features in new Windows releases. The 3D Maze screensaver was designed to showcase the ...

A new WhatsApp-propagating worm is infecting devices in Brazil, delivering a banking trojan called Eternidade (Portuguese for ...

Poisoned PNGs contain malicious code A fresh wave of ClickFix attacks is using fake Windows update screens to trick victims ...