North Korean Konni hackers are now targeting blockchain developers and engineers with AI-generated malware.

The North Korean hacker group Konni (Opal Sleet, TA406) is using AI-generated PowerShell malware to target developers and engineers in the blockchain sector.

The Gootloader malware, typically used for initial access, is now using a malformed ZIP archive designed to evade detection ...

A ransomware operation known as DeadLock has been observed abusing Polygon blockchain smart contracts to manage and rotate ...

Securonix is detailing a multi-stage campaign that starts with a bogus Booking.com message that runs through a ClickFix technique and a fake Blue Screen of Death before dropping the DCRat malware that ...

As attackers hide longer and deeper, behavior-first detection becomes the only reliable way to expose them.

Cybersecurity researchers are becoming interested in a newly discovered ransomware strain called DeadLock that abuses Polygon smart contracts to silently service its infrastructure and bypass ...

DeadLock ransomware relies on Polygon smart contracts to spin proxy servers to produce a nearly unshuttable infrastructure.

For many Windows users, PowerShell is just a strange black window you open once in a while to paste a command from a forum. In reality, PowerShell is one of the most powerful tools built into Windows.

Creates a complete new DAB environment from scratch. The current user will need an Azure subscription as well as authority to create. All resource names are automatically validated and sanitized ...

Group-IB researchers said the most unusual aspect of DeadLock lies in its use of Polygon smart contracts to manage ...