The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...

The Arkanix Stealer malware can collect and exfiltrate system information, browser data, VPN information, and arbitrary files ...

Researchers warn malicious packages can harvest secrets, weaponize CI systems, and spread across projects while carrying a dormant wipe mechanism.

Abstract: The increasing prevalence of sophisticated malware targeting software applications requires robust detection mechanisms, particularly for C/C++ codebases that underpin critical systems. This ...

A North Korean attack group is running a scam operation called the Graphalgo, wherein they use fake job schemes to deliver malware.

Attackers recently leveraged LLMs to exploit a React2Shell vulnerability and opened the door to low-skill operators and calling traditional indicators into question.

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...

Darktrace researchers say hackers used AI and LLMs to create malware to exploit the React2Shell vulnerability to mine cryptocurrency. It's the latest example of bad actor's using AI to create ...

Microsoft warns that Python-based infostealers are increasingly targeting macOS, harvesting sensitive data and challenging assumptions about Apple's malware immunity..

The queries target both commercial and open-source tools. Open-source C2 frameworks (Sliver, Mythic, Havoc, Covenant, etc.) and phishing platforms (GoPhish, Evilginx) are particularly detectable ...

Abstract: Android malware poses a persistent and evolving threat to mobile security, considering its capability to compromise sensitive user data and evade traditional detection methods. While ...