New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.

ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

The Vietnam-aligned threat actor known as OceanLotus has been attributed to two distinct campaigns that targeted domestic ...

A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions.

A hardware fault injection attack results in the first Xbox One boot ROM-level compromise after 12 years.

Our tracking of OceanLotus activities from 2024–2026 reveals a shift in operational focus. During this period, the Vietnam-aligned OceanLotus adopted a more selective approach to external operations ...

Writing my own virtualized loader is something I’ve been wanting to do since I first read Microsoft’s deep dive on FinFisher’s multi-layered VM obfuscation back in 2018. FinFisher didn’t just use one ...

Fake Claude Code installer malware used Google Ads to place spoofed AI tool pages above real documentation since March 2026. The fileless credential stealer targets AI API keys, crypto wallets, and ...

X.Org Server vulnerability patch released June 2 fixes nine flaws — eight found by TrendAI’s FENRIR static analysis tool, the ...

ESET researchers have discovered SprySOCKS for Windows, FishMonger’s backdoor weaponizing a kernel driver for advanced ...

Abstract: Detecting attacks disguised by evasion techniques is a challenge for signature-based Intrusion Detection Systems (IDSs) and Intrusion Prevention Systems (IPSs). This study examines five ...