The campaign exploits an Office vulnerability to deliver the modular XWorm RAT, chaining HTA, PowerShell, and in-memory .NET execution to sidestep detection and expand post-compromise control.

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

While businesses increasingly shift dependency on hybrid and cloud-based email systems, Stellar introduces its New Migrator for Exchange. This software is a robust tool designed with the objective to ...

Suspected Russian actor deploys CANFAIL malware via phishing, targeting Ukrainian defense, energy, and aid sectors using LLM-assisted lures.

Now Microsoft has confirmed three zero-day Windows security bypass vulnerabilities, users are warned to get their update ...

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...

Global organizations face AI-enhanced cybercrime, record ransomware incidents, and an uptick in phishing attacks, highlighting the need for strong cyber defensesSCHAFFHAUSEN, Switzerland, Feb. 18, ...

Legacy email integrations, third-party apps, and in-house tools must move to Microsoft Graph before EWS is disabled for good.

Bloody Wolf spear-phishing campaign deploys NetSupport RAT across Uzbekistan and Russia, hitting 60+ victims and multiple sectors.

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.