Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
Turns out Windows already gives you all the tools you need to block distracting apps and websites—you just have to put them ...
Microsoft reports an active cyber campaign targeting hotels in Europe and Asia using fake photo ZIPs, PowerShell malware, and Node.js implants with evolving evasion tactics. magnific.com Microsoft ...
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
Phantom Stealer phishing targets banks with fileless malware and in-memory Windows process injection. The infostealer harvests credentials, cookies, financial data, screenshots, and cryptocurrency ...
During our recent threat hunting activities, we found EtherRAT malware being distributed by a website with a strange homepage. This homepage allowed us to discover a vast malicious infrastructure ...
At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t look like that is going to change anytime soon. We’re now into June and the ‘fix’ attacks have ...
This project simulates a Tier 1 SOC investigation using Splunk. The investigation focuses on a high-severity alert involving suspicious login activity, obfuscated PowerShell execution, and outbound ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results