ESET researchers present technical details on a recent data destruction incident affecting a company in Poland’s energy sector.

A multi-stage phishing campaign targeting Russia abuses GitHub and Dropbox to disable Microsoft Defender and deploy Amnesia ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

The attack consists of a NexShield malicious browser extension, a social engineering technique to crash the browser, and a ...

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware.

A new CrashFix browser scam deliberately crashes tabs to trick users into downloading malware, researchers warn amid rising ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...

Microsoft released an emergency Office patch to fix an actively exploited zero-day flaw that lets attackers bypass security ...

Have you ever been given an application and instructed to run it on various computers and systems, only to realize that it wasn’t built for multiple hosts? After all, some apps are designed to be ...

Microsoft released a pair of security and compliance updates this week designed to help IT administrators strengthen ...