The cross-platform shell that nobody expected to take seriously.

Popular tool abuse, ClickFix, and identity-based attacks are among the most prevalent techniques bad actors are deploying ...

Attackers aren't breaking into your house; they’re using your own spare key to hide in plain sight. We need to stop assuming ...

Threat actors are abusing external Microsoft Teams collaboration to impersonate IT helpdesk staff and convince users to grant ...

Two phishing campaigns, each using a different stealthy infection technique, are targeting organizations in attacks which aim ...

CERT-UA links the AgingFly credential-stealing campaign to phishing, browser theft, and modular remote access.

SystemBC C2 exposed 1,570+ victims tied to The Gentlemen since July 2025, revealing expanding ransomware scale.

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

Security researchers have detected a “sharp rise” in brute-force attempts to hijack SonicWall and Fortinet devices, with the ...

Two separate phishing campaigns are hitting organisations with Formbook, a long-running information stealer that continues to adapt its delivery methods to slip past traditional Windows defences. The ...

Ukrainian municipal authorities and healthcare institutions have come under a coordinated wave of cyberattacks that security officials say was designed to steal sensitive information from web browsers ...