Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal ...

Russia-aligned hackers are still exploiting WinRAR CVE-2025-8088 against Ukrainian organizations nearly a year after patches ...

Microsoft’s aging “mshta.exe” utility, a leftover component from Internet Explorer, is still being actively abused in modern malware campaigns years after the browser itself was retired. According to ...

Bitdefender security researchers have discovered that attackers continue to exploit Microsoft HTML Application Host (MSHTA), a legacy utility available by default on Windows systems that can execute ...

Attackers are increasingly abusing Microsoft’s decades-old MSHTA utility to stealthily deliver stealers, loaders, and persistent malware through phishing, fake software downloads, and LOLBIN-based ...

Attackers are abusing legitimate remote access tools and lightweight scripts to deliver AsyncRAT entirely in memory, bypassing file-based detection. Security researchers have discovered an open-source ...

The big picture: The Windows ecosystem has offered an unparalleled level of backward compatibility for decades. However, Microsoft is now working to remove as many legacy technologies as possible in ...

Since Russia’s full-scale invasion of Ukraine in February 2022, cyberespionage has played a crucial role in the broader threatscape. Russia-aligned advanced persistent threat (APT) groups have ...

Windows users should be on high alert for the Remcos Remote Access Trojan (RAT). This malware deploys an incredibly stealthy payload through phishing, with no downloads required. One careless click on ...

A Russian-aligned hacking group is conducting a cyber espionage campaign across Europe and Asia, according to Recorded Future. Insikt Group, Recorded Future’s threat intelligence team, has shared in a ...

A new social engineering tactic, known as ClickFix, has emerged, using deceptive error messages to prompt users to run harmful code. The Sekoia Threat Detection ...