A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...

In PowerShell, the Exit function allows you to terminate or stop a script from running. It's like telling the script to quit ...

Attackers use a sophisticated delivery mechanism for RAT deployment, a clever way to bypass defensive tools and rely on the target's own utilities.

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...

Not all applications are created with remote execution in mind. PowerShell provides several ways to invoke applications on ...

Just the Browser removes a bunch of AI cruft and telemetry garbage, and it's incredibly easy to use. It supports Firefox and Edge, too!

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

Researchers uncovered a CrashFix campaign where a fake Chrome ad blocker crashes browsers to trick users into installing the ...

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade detection and gain trust.

It does not crash systems or raise alarms. It blends into everyday Windows activity and works quietly in the background. By the time it is noticed, control may already be lost. Security teams are ...

The DeadLock ransomware group, a newly emerged digital extortion group, is using blockchain smart contracts to store proxy ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...