Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks.

Hackers abused Microsoft Teams and Quick Assist to deploy A0Backdoor malware at financial and healthcare organizations, researchers warn.

Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote ...

网络安全研究人员披露了一项多阶段恶意软件攻击活动，该活动使用批处理脚本作为传播路径，投放XWorm、AsyncRAT和Xeno RAT等加密远程访问木马载荷。攻击链被命名为VOID#GEIST，通过混淆批处理脚本部署第二阶段脚本，植入合法Python运行时，并解密加密的shellcode。现代恶意软件越来越多地转向复杂的基于脚本的传播框架，模仿合法用户活动以规避检测。

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

朝鲜威胁行为者ScarCruft被归因于一套全新的工具，包括一个使用Zoho WorkDrive进行命令和控制通信以获取更多有效载荷的后门程序，以及一个使用可移动媒体来中继命令和突破物理隔离网络的植入程序。

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.