Passkeys provide stronger security than traditional passwords and could eventually replace them entirely as adoption grows.

A complex phishing campaign uses decentralized fake PDFs that mount virtual drives to silently install the AsyncRAT malware.

The update supports seamless, enterprise-grade authentication across all modern Windows architectures including chips from ...

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Poland linked December 2025 cyber attacks on energy and manufacturing sites to Static Tundra, involving DynoWiper and ...

China-linked Mustang Panda used updated COOLCLIENT malware in 2025 espionage to steal data from government and telecom ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

The malicious campaign targets software developers and engineering teams with expertise in, or access to, blockchain-related ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware.

North Korean cybercriminals are targeting developers with access to blockchains. A PowerShell backdoor appears to be programmed by AI.

Security researchers have found more malware being developed with the help of Gen AI, as the use of AI tools in cybercrime moves from theory into practice, and that defenders should also start ...