In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...

Infosecurity spoke to several experts to explore what CISOs should do to contain the viral AI agent tool’s security vulnerabilities ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

New hacking cluster exploits web servers and Mimikatz to infiltrate Asian infrastructure for long-term espionage in aviation, ...

Something else to worry about.

网络安全研究人员披露了一项多阶段恶意软件攻击活动，该活动使用批处理脚本作为传播路径，投放XWorm、AsyncRAT和Xeno RAT等加密远程访问木马载荷。攻击链被命名为VOID#GEIST，通过混淆批处理脚本部署第二阶段脚本，植入合法Python运行时，并解密加密的shellcode。现代恶意软件越来越多地转向复杂的基于脚本的传播框架，模仿合法用户活动以规避检测。

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

If you had walked onto a trading floor thirty years ago, you would have heard noise before you saw anything. Phones ringing, ...

Why settle for a static Linux Mint desktop when you can jazz it up with this Conky daily quote generator desklet?