DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...
Cargo-stealing hackers have a new trick up their sleeve: using a third-party code-signing service makes their remote ...
As enterprises rely more heavily on AI technologies and services, attackers’ living-off-the-land techniques have evolved to ...
Iran-linked Handala Hack breached FBI Director’s email amid MOIS domain seizures, escalating destructive cyber ops.
Earlier variants used simple obfuscation to hide GitHub addresses and access tokens, while later samples shifted to decoding routines inside the shortcut arguments, suggesting the operators have ...
You can wrap an executable file around a PowerShell script (PS1) so that you can distribute the script as an .exe file rather than distributing a “raw” script file. This eliminates the need to explain ...
A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
Hackers are exploiting a critical vulnerability in the Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
The TeamPCP hacking group is targeting Kubernetes clusters with a malicious script that wipes all machines when it detects systems configured for Iran. The threat actor is responsible for the recent ...
Cybersecurity experts are sounding the alarm about a new type of hacking campaign, called “DarkSword,” that could access personal data on millions of iPhones. The attacks target iPhones with iOS ...
The Handala Hack Team published more than 300 emails from Kash Patel’s inbox between 2010 and 2019. Iran-linked hackers have broken into the personal email inbox of ...