CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple ...

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...

Microsoft's Defender Security Research Team has observed threat actors actively exploiting internet-exposed SolarWinds Web Help Desk instances in multi-stage intrusions that led to lateral movement ...

According to Huntress, the intrusions stem from the many recently disclosed vulnerabilities – some critical – affecting SolarWinds Web Help Desk.

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

Let's examine the challenges of running Windows-dependent PowerShell scripts from Linux and compares three practical approaches -- dual booting, WinBoat and Windows Server RemoteApp -- to maintaining ...

So many CVEs, so little time Digital intruders exploited buggy SolarWinds Web Help Desk (WHD) instances in December to break into victims' IT environments, move laterally, and steal high-privilege ...

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.

Attacks targeting SolarWinds Web Help Desk instances in December 2025 might have exploited recently patched vulnerabilities as zero-days.