Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

A new technique dubbed "Zombie ZIP" helps conceal payloads in compressed files specially created to avoid detection from security solutions such as antivirus and endpoint detection and response (EDR) ...

Is this a virus?: Classic ZIP bombs and other archive-based tricks have long given cybercriminals a convenient way to sneak malware onto unsuspecting systems. A newly documented technique claims to go ...

Storm-2561 spreads fake VPN installers via SEO poisoning and GitHub downloads, stealing enterprise VPN credentials with Hyrax malware.

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

Distributed through over 100 GitHub repositories, the BoryptGrab stealer targets browser, wallet, system, and other user data ...

The financially motivated group has been active since May 2025, impersonating Fortinet, Ivanti, Cisco, and other vendors to steal corporate credentials.

Amazon has just changed the encryption used for Kindle books on older e-readers without a software update. Any Kindle with ...

Hackers can change a single byte to insert malware undetected, posing as an apparently corrupted ZIP file dubbed Zombie Zip. A security researcher demonstrated this by tricking Windows Defender and ...

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Ken Starr, the conservative lawyer who led the Clinton-era independent counsel and later served as president of Baylor University, turns up again and again in the Justice Department’s newly released ...

Why Zip disks and LS-120s couldn't defeat the 1.44MB disk ...