ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

The LeakNet ransomware gang is now using the ClickFix technique for initial access into corporate environments and deploys a ...

APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.

A new malware strain dubbed Slopoly, likely created using generative AI tools, allowed a threat actor to remain on a compromised server for more than a week and steal data in an Interlock ransomware ...

トレントを通じてダウンロードできる映画の字幕ファイルに、悪質なコマンドを実行するマルウェアがひそかに仕込まれていたことが分かりました。

ESET researchers have traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where a keylogger ...

We found fake “verify you are human” pages on hacked WordPress sites that trick Windows users into installing the Vidar ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...