At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...
Gone in seconds with the right PowerShell command.
The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
The following analytic detects PowerShell processes launched with command-line arguments indicative of obfuscation techniques. It leverages data from Endpoint Detection and Response (EDR) ...
A previously undocumented threat group known as UNC6692 has been observed using social engineering tactics through Microsoft Teams to deploy a custom malware suite on compromised systems, according to ...
Abstract: Cyber-attacks have evolved dramatically over the past decade, becoming more targeted and sophisticated. Attackers now employ various techniques, including phishing, ransomware, and Remote ...
A campaign known as Shadow#Reactor uses text-only files to deliver a Remcos remote access Trojan (RAT) to compromise victims, as opposed to a typical binary. Researchers with security vendor Securonix ...
Cyble Research and Intelligence Labs (CRIL) have uncovered a cyber-espionage operation that used a weaponized ZIP archive to infiltrate defense-sector systems. The malicious file—disguised as a ...
A rare in-the-wild FileFix campaign has been observed by cybersecurity researchers, which hides a second-stage PowerShell script and encrypted executables inside JPG images. The attack, detailed in an ...
What looks like a simple "Are you human?" check is now one of the most dangerous tricks on the internet. Fake captchas have evolved into full-blown malware launchpads, thanks to a sneaky new method ...
Changes are afoot at Pay2Key, a ransomware-as-a-service (RaaS) gang with ties to a notorious Iranian nation-state threat group, and it could spell trouble for the US. Pay2Key was first observed in ...