Researchers discovered a vulnerable driver embedded in Reynolds' ransomware, illustrating the increasing popularity of the ...

Worm-driven TeamPCP campaign exploits Docker, Kubernetes, Redis, Ray, and React2Shell to build proxy infrastructure for data theft and ransomware.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

A Chinese state-sponsored actor was seen exploiting a WinRAR bug, soon after the Russians.

Attackers abused a signed but long-revoked EnCase Windows kernel driver in a BYOVD attack to terminate all security tools.

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

A new threat actor called Amaranth Dragon, linked to APT41 state-sponsored Chinese operations, exploited the CVE-2025-8088 ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...

How AI and agentic AI are reshaping malware and malicious attacks, driving faster, stealthier, and more targeted ...

The protocol warned it may pursue criminal and civil action after identifying addresses tied to a hack of its token transfer ...

RedLine, Lumma, and Vidar adapted in 48 hours. Clawdbot's localhost trust model collapsed, plaintext memory files sit exposed, and traditional defenses can't see the threat. Security teams are already ...

As AI gets more heavily integrated into Windows, enhanced cybersecurity is required to prevent it from being used against us. Take Reprompt, for example. Reprompt is a Copilot exploit, that can use ...