Malware continues to evolve, becoming more sophisticated and harder to detect. One of the most challenging types is polymorphic malware — malicious software that constantly changes its code to evade ...

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released new details about RESURGE, a malicious implant used in zero-day attacks exploiting CVE-2025-0282 to breach Ivanti Connect ...

Sample files for Azul are kept in a Simple Storage Service (S3) compatible binary large object (blob) store, and processed ...

Batch scans of multiple suspicious files and tailored malware research for incident response: With the free tool vt-cli, VirusTotal follows your command.

“Taking five seconds to confirm a meeting link really leads to zoom.us [instead of an impostor link] is a simple habit that can prevent a serious problem,” Malwarebytes advises. The fake website that ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

MuddyWater’s Operation Olalampo targets MENA with GhostFetch, CHAR, HTTP_VIP, and AI-assisted malware since Jan 26, 2026.

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

Orca has discovered a supply chain attack that abuses GitHub Issue to take over Copilot when launching a Codespace from that ...

PCWorld reports that AI-powered phishing scams now use personalized data from breaches and social media to create convincing ...

In sharp contrast with its approach to privacy, Windows 11 security is in a good place, with no major enshittification issues.

Accidentally clicking a link in a phishing email can be worrying. Although it doesn't automatically mean your device is compromised, some malicious websites may attempt to download malware in the ...