Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Kaspersky says 90+ spoofed domains use malicious installers and SEO to deliver AsyncRAT to Windows systems through ScreenConnect.
Kaspersky says the attacks use phishing, GitHub-hosted payloads, CVE-2025-9491 LNK abuse, and Go2Tunnel-based tunneling.
Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency credentials, which it then sends to attacker-controlled servers.
Woodgnat, an IAB for Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta ransomware, is using Mistic RAT in new attacks.
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware ...
Prinz Eugen ransomware targets recently modified files first and skips ransom notes, exposing backup, EDR, and incident ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Mapping detections and controls to MITRE ATT&CK: a practical guide for technical teams MITRE ATT&CK is useful because it gives technical teams a common language for describing adversary behaviour. For ...
Microsoft released security fixes for more than 200 vulnerabilities on June 9, 2026 — the largest single Patch Tuesday in the program's history since its founding in 2003 — while a security researcher ...