An exposed attack server led Lexfo to three Microsoft 365 phishing operations using Evilginx and device code abuse to capture ...
Getting WSL to behave only takes a few tweaks.
This week’s ThreatsDay Bulletin covers spyware-laced game cheats, fake installers, infostealer, ransomware, phishing kits, ...
An exposed WP-SHELLSTORM server revealed tools, logs, cloud credentials, and thousands of webshells used in a large website ...
A threat actor has published hundreds of fake GitHub repositories impersonating legitimate software and security projects to ...
Threat actors compromised AsyncAPI packages and weaponized trusted CI/CD workflows to distribute malware through npm. This ...
A step-by-step guide for DevOps teams on reviewing, testing, and enforcing policy checks on AI-generated SQL before it ...
GodDamn ransomware's PoisonX driver is a textbook EDR bypass driver: a Microsoft-signed kernel driver that kills security ...