Some weeks are loud. This one was quieter but not in a good way. Long-running operations are finally hitting courtrooms, old attack methods are showing up in new places, and research that stopped ...

Some weeks in security feel loud. This one feels sneaky. Less big dramatic fireworks, more of that slow creeping sense that too many people are getting way too comfortable abusing things they probably ...

Microsoft observed phishing-led exploitation of OAuth’s by-design redirection mechanisms. The activity targets government and public-sector organizations and uses silent OAuth authentication flows and ...

In the ever-evolving landscape of cybersecurity, Microsoft Excel has long been a staple for businesses, analysts, and everyday users. However, its powerful feature—VBA macros—has also made it a prime ...

This SDK enables Dynatrace customers to extend request level visibility into Python applications. It provides the Python implementation of the Dynatrace OneAgent SDK. For the latest updates, see ...

Touchscreen devices such as smartphones and tablets have helped make tasks like typing and gaming more accessible 1,2,3. However, these devices can present challenges for individuals with restricted ...

ESET researchers have uncovered a Lazarus attack against an aerospace company in Spain, where the group deployed several tools, most notably a publicly undocumented backdoor we named LightlessCan.

Pupy RAT is an open-source and publicly available malware written in Python that supports reflective DLL loading to evade detection, and additional modules are downloaded later. The malware allows ...

ESET researchers discovered a still-ongoing campaign using a previously undocumented Korplug variant, which they named Hodur due to its resemblance to the THOR variant previously documented by Unit 42 ...

Several weeks ago, Microsoft detected a 0-day remote code execution exploit being used to attack the SolarWinds Serv-U FTP software in limited and targeted attacks. The Microsoft Threat Intelligence ...