Russian-speaking threat actors are targeting the human resources (HR) workflow with an attack campaign that conceals a malicious tool within steganographic image files that can bust enterprise ...

VOID#GEIST malware campaign delivers XWorm, AsyncRAT, and Xeno RAT using batch scripts, Python loaders, and explorer.exe ...

This week, Cisco patches and hacks. Trojanized app targeted Israelis. Bye-bye, Tycoon 2FA. Also bye-bye LeakBase. A ...

OpenAI today released the Codex app for Windows, powered by OpenAI’s frontier coding models, and it’s now the only coding agent with a first-class Windows experience.

Cork Cyber's Software Installer Scripts enable MSPs to generate dynamic installer scripts for vulnerable & outdated ...

Microsoft has warned that attackers are abusing OAuth redirects to deliver phishing and malware via Entra ID and Google Workspace logins.

Windows 11 LTSC is a clean, bloatware-free OS without Copilot, AI, ads, or feature updates. Here’s how LTSC performs vs ...

A compromised Chrome extension with 7,000 users was updated to deploy malware, strip security headers, and steal cryptocurrency wallet seed phrases.

In its new report, Microsoft has warned of a vulnerable phishing campaign where attackers exploit login feature to OAuth to deliver malware.

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...