Fake IT support calls delivered Havoc C2, enabling credential theft, lateral movement, and ransomware prep across five ...

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025 ...

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0 framework, to users who believed ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...

A newly identified Chinese advanced persistent threat (APT) group is targeting web infrastructure providers in Taiwan, with a focus on long-term access and data theft, according to Cisco Talos. The ...

SHELLCODE IT SERVICES PRIVATE LIMITED is a Private Limited Company, governed by the Companies Act as a company limited by shares. Classified as a Non-government company, it is registered under the ...