Researchers say a new jailbreak technique tricked AI models into treating attacker-written text as their own reasoning, ...
Operation Navy Ghost is targeting Python developers who build Telegram bots by hiding backdoors inside trojanized Pyrogram forks uploaded to PyPI. The campaign has been active since November 2025, ...
Kazuar, a sophisticated malware family attributed to the Russian state actor Secret Blizzard, has been under constant development for years and continues to evolve in support of espionage-focused ...
A feature-rich DLL injection library which supports x86, WOW64 and x64 injections. Developed by Broihon for Guided Hacking. It features five injection methods, six shellcode execution methods and ...
IntroductionIn December 2025, Zscaler ThreatLabz identified a new command-and-control (C2) framework implant that we track as SnappyClient, which was delivered using HijackLoader. SnappyClient has an ...
Infostealer threats are rapidly expanding beyond traditional Windows-focused campaigns, increasingly targeting macOS environments, leveraging cross-platform languages such as Python, and abusing ...
Security experts have disclosed details of an active malware campaign that's exploiting a DLL side-loading vulnerability in a legitimate binary associated with the open-source c-ares library to bypass ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
This blogpost introduces our latest white paper, presented at Virus Bulletin 2025, where we detail the operations of the North Korea-aligned threat actor we call DeceptiveDevelopment and its ...
Threat actors are leveraging public GitHub repositories to host malicious payloads and distribute them via Amadey as part of a campaign observed in April 2025. "The MaaS [malware-as-a-service] ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results