Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update groove on ASAP.

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...

A threat actor is using Net Monitor for Employees and SimpleHelp to launch ransomware and cryptocurrency attacks.

Microsoft confirms EWS shutdown in Exchange Online by 2027 and urges admins to migrate to Microsoft Graph APIs.

Microsoft links SolarWinds WHD exploits to RCE, lateral movement, and domain compromise in multi-stage attacks.

India is being targeted by multiple espionage campaigns delivered by the Pakistan-attributed Transparent Tribe (aka APT36).

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.