North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

The security researchers from Zscaler ThreatLabz have also discovered five new tools deployed by the North Korean hacking ...

Cisco Talos tracks UAT-10027 targeting U.S. education and healthcare with Dohdoor DoH-based backdoor and Cobalt Strike ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

Discover the 7 best cloud orchestration tools for enterprises in 2026, including AWS CloudFormation, Ansible, Spacelift, CloudBolt, and more. Compare features, pricing, multi-cloud support, and use ...

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...

Cybersecurity has always been a game of adaptation, but the emergence of AI-driven polymorphic threats is accelerating that arms race.