When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update ...

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...

According to a new advisory by Forcepoint, the campaign relies on the continued effectiveness of Windows shortcut (.lnk) ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Microsoft confirms EWS shutdown in Exchange Online by 2027 and urges admins to migrate to Microsoft Graph APIs.

Microsoft is rolling out native Sysmon support in Windows 11 Insider builds, giving security teams built-in system monitoring ...

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

Mandiant says a wave of recent ShinyHunters SaaS data-theft attacks is being fueled by targeted voice phishing (vishing) attacks and company-branded phishing sites that steal single sign-on (SSO) ...

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...