Cybersecurity researchers have identified a targeted espionage-style malware campaign that uses GitHub Releases to conceal payload delivery, combining phishing, trusted cloud infrastructure and a ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
An APT group linked to the Iranian government pretended to be a Chaos ransomware affiliate in order to provide plausible deniability for geopolitical espionage and prepositioning, Rapid7 has claimed.
In January 2026, Microsoft Defender Experts identified a new evolution in the ongoing ClickFix campaign. This updated tactic deliberately crashes victims’ browsers and then attempts to lure users into ...
Four distinct threat activity clusters have been observed leveraging a malware loader known as CastleLoader, strengthening the previous assessment that the tool is offered to other threat actors under ...
Cybersecurity researchers are calling attention to a new phishing campaign that employs the ClickFix technique to deliver an open-source command-and-control (C2) framework called Havoc. "The threat ...
A sophisticated ransomware campaign is targeting Windows system administrators by utilizing fake download sites for popular utilities Putty and WinSCP. These utilities, essential for secure file ...
A new 'Nitrogen' initial access malware campaign uses Google and Bing search ads to promote fake software sites that infect unsuspecting users with Cobalt Strike and ransomware payloads. The goal of ...
When run with pythonw or RemoveWindowsLockScreenAds.noconsole.exe there is no console output. However, --install and --uninstall will log to %TEMP ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results