In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...

There may be a lot of reasons to dislike or even hate Windows 11; however, PowerToys is not one of them as it is one of the very cool official apps or features on the OS, among others like Group ...

Researchers say they’ve discovered a supply-chain attack flooding repositories with malicious packages that contain invisible code, a technique that’s flummoxing traditional defenses designed to ...

Denuvo is arguably the most-used DRM out there, but despite its strong anti-piracy record, publishers are removing it from ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Anthropic, a smaller rival started by OpenAI defectors, has found runaway success with its programming agent, Claude Code.

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy ...