Researchers have known for almost a decade that threat actors sometimes use DNS records to host malicious PowerShell scripts.

Researchers warned that Chinese residents, and visitors to China, should be aware of the tool's existence and the risks it ...

There are other ways Konfety tries to hide and maintain persistence. zLabs said that the attackers are also using so-called “dual-app deception”, in which there’s a legitimate app on major app stores, ...

A threat actor that may be financially motivated is targeting SonicWall devices with a backdoor and user-mode rootkit.

A new variant of the Konfety Android malware emerged with a malformed ZIP structure along with other obfuscation methods that ...

North Korean threat actors planted 67 malicious packages in the Node Package Manager (npm) online repository to deliver a new ...

A new malware campaign targeting Hong Kong finance has been identified, featuring SquidLoader to deploy Cobalt Strike Beacon ...

The RocketGenius website served a malicious variant of the Gravity Forms WordPress add-on for a few hoursThe variant harvested extensive information and allowed for RCEThe malware affected only manual ...

An open-source malware can now spawn into DCRat, Venom RAT, and JasonRAT, powering phishing, data theft, and MaaS campaigns worldwide.

Uploading malicious code to npm is just a setup. The real attack most likely happens elsewhere - on LinkedIn, Telegram, or ...

From there, you want to make sure that Google Play Protect is enabled on your Android phone. This pre-installed security app scans all of your existing apps and any new ones you download for malware.

Malcure Malware Scanner plugin contains an unpatched high-severity vulnerability. Temporarily shut down at WordPress ...