Malware authors are stepping up their game by turning to unexpected—and sometimes downright obscure—programming languages. In a recent deep-dive study, researchers from Greece and the Netherlands explored how switching from the familiar C and C++ can throw static analysis tools for a loop...
In today's cybersecurity landscape, the exploitation of trusted systems is emerging as a growing threat. Cybercriminals have found an ingenious way to weaponize Microsoft's Trusted Signing Platform—a service designed to help developers authenticate their software—by using short-lived...
Cybercriminals are back at it – this time using fake Microsoft 365 apps as a Trojan horse to deliver malware, compromise user credentials, and potentially open the door to larger network breaches. In an age when cloud productivity platforms like Microsoft 365 are the lifeblood for enterprises...
Popular AI Tools Tricked to Build Malware for Chrome: A Wake-Up Call for Windows Users
The growing convergence of artificial intelligence and cybersecurity has produced both incredible opportunities and unexpected challenges. Recent research from Cato Networks has demonstrated just how easily...
Windows has long been synonymous with robust security, yet even the most enduring systems sometimes harbor hidden vulnerabilities. A recently highlighted issue concerning .lnk shortcut files brings to light an 8-year-old security vulnerability that, despite Microsoft's long-standing reputation...
A long-dormant flaw in Windows is now capturing the attention of cybersecurity experts and government agencies alike, as a Windows zero-day vulnerability—active since 2017—has been weaponized by 11 nation-state actors. The exploit, tracked as ZDI-CAN-25373, manipulates the way Windows handles...
Hackers are once again proving that even trusted platforms can be twisted for malicious purposes. A recent campaign, detailed by cybersecurity researchers, reveals that cybercriminals are employing fake OAuth applications—masquerading as popular services like Adobe Drive, Adobe Acrobat, and...
Microsoft 365 credentials are now squarely in the crosshairs of a new, sophisticated cyberattack. In a campaign dubbed the ClickFix attack—as first reported by SC Media and detailed by BleepingComputer—the threat actors are using fake OAuth apps to pilfer sensitive credentials from government...
Cybercriminals are now weaponizing trusted brands to hijack Microsoft 365 accounts. In a worrying twist that almost seems ripped from a spy movie, hackers are impersonating legitimate Adobe and DocuSign apps to gain unauthorized access to valuable data and deploy malware.
The Anatomy of the...
When your Windows 11 system experiences unusually high GPU usage, even when you're not running graphically intensive applications, it can lead to unwanted slowdowns, overheating, and frustrated users. Thankfully, there are several troubleshooting steps you can take to pinpoint the issue and...
The hospitality industry isn’t the only one facing a roster of challenges these days—cybercriminals are checking in too. A recent alert from Microsoft Threat Intelligence has uncovered a sophisticated phishing campaign impersonating Booking.com that targets hotels, resorts, and other businesses...
The cybersecurity landscape has once again been rattled by a sophisticated attack campaign, this time orchestrated by the threat group known as MirrorFace. By exploiting inherent design gaps in a trusted Windows feature and leveraging a familiar developer environment, the attackers have...
Phantom Goblin: A New Wave of Stealer Malware Leveraging Social Engineering Tactics
Cybersecurity researchers from Cyble Research and Intelligence Labs (CRIL) have recently uncovered a sophisticated malware operation dubbed Phantom Goblin. This threat campaign harnesses deceptive social...
Massive Malvertising Campaign Exposes GitHub-Hosted Malware
In early December 2024, Microsoft Threat Intelligence uncovered a large-scale malvertising campaign that has left nearly one million devices exposed to sophisticated information stealers. This unique and multi-stage attack, which...
Windows users, take note: a once-popular open source tool for cleaning out Windows 11 bloatware has been unmasked—not as a harmless utility, but as a carrier of malware. If you have used the Talon program to eliminate unwanted pre-installed software, your system may be compromised. In this...
A recent Forbes report by Zak Doffman has sounded an urgent alarm for Microsoft Windows users. A new wave of cyberattacks is exploiting fake browser update alerts to infiltrate systems and install dangerous malware. In this article, we break down the mechanics behind this scam, explain its...
Windows users, brace yourselves—cybersecurity threats have taken on a particularly sneaky new form. A freshly unearthed variant of the Snake Keylogger malware is making its rounds, primarily targeting systems in Asia and Europe. Leveraging an AutoIt-compiled payload to mask its true intentions...
A fresh cybersecurity challenge is emerging for organizations worldwide—a sophisticated malware family that uses Microsoft Outlook as a key communication channel to steal data. In a report detailed by CSO Online, researchers from Elastic Security have uncovered an attack that leverages...
A sophisticated new malware variant, dubbed FinalDraft, has recently been discovered abusing Outlook’s email draft feature to conceal its command-and-control (C2) communications. This inventive approach highlights both the cunning nature of modern cyber threats and the challenges defenders face...
Cybercriminals never sleep, and as the cybersecurity landscape evolves, so do their methods. They've upped their game yet again by infiltrating some of the world’s most reputable cloud service providers—specifically Amazon Web Services (AWS) and Microsoft Azure—for what researchers are now...