A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

A member of the Crazy ransomware gang is abusing legitimate employee monitoring software and the SimpleHelp remote support ...

The vulnerability comes from the way Notepad handles Markdown hyperlinks. Attackers craft malicious .md files with embedded ...

Organizations that have exposed their instances of Web Help Desk to the public Internet have inadvertently made them prime ...

Poland linked December 2025 cyber attacks on energy and manufacturing sites to Static Tundra, involving DynoWiper and ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

So many CVEs, so little time Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...

Active attacks exploit Metro4Shell (CVE-2025-11953) in React Native CLI to execute commands and deploy Rust malware.

Following their Salesforce attacks last year, the cybercrime group has broadened its targeting and gotten more aggressive with extortion tactics.