DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated ...

Rapid7 links China-linked Lotus Blossom to a 2025 Notepad++ hosting breach that delivered the Chrysalis backdoor via hijacked updates, fixed in v8.8.9 ...

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...

A hole in Microsoft Office is being exploited by bad actors, including Russian hackers targeting Ukraine's government.

The group targets telecoms, critical infrastructure - all the usual high-value orgs Security researchers have attributed the ...

Ukraine's Computer Emergency Response Team (CERT) says that Russian hackers are exploiting CVE-2026-21509, a recently patched vulnerability in multiple versions of Microsoft Office.

Russia-linked hacking group Fancy Bear is exploiting a brand-new vulnerability in Microsoft Office, CERT-UA says ...

APT28's attacks use specially crafted Microsoft Rich Text Format (RTF) documents to kick off a multistage infection chain to deliver malicious payloads.

The hosting provider's compromise allowed attackers to deliver malware through tainted software updates for six months.

IntroductionIn September 2025, Zscaler ThreatLabz identified two campaigns, tracked as Gopher Strike and Sheet Attack, by a threat actor that operates in Pakistan and primarily targets entities in the ...

Two malware campaigns weaponize open-source software to target executives and cloud systems, combining social engineering ...

Ukraine’s CERT says the bug went from disclosure to active exploitation in days Russia-linked attackers are already ...