The packer plays a key role in initial access operations. Rather than delivering a single malware family, pkr_mtsi has been ...
GootLoader malware is abusing malformed ZIP archives that bypass common tools like WinRAR & deliver JavaScript payloads via ...
SHADOW#REACTOR malware uses scripts and Windows tools to deploy Remcos RAT quietly, bypass defenses, and gain lasting remote ...
SHADOW#REACTOR is a malware campaign using VBS, PowerShell, and MSBuild to stealthily deploy Remcos RAT with persistent ...
Gootloader malware resurfaces using malvertising and SEO poisoning to spread infections. Attackers now obfuscate malware names using deceptive web fonts and glyph swapping. Loader delivers ransomware, ...
A typosquatted domain impersonating the Microsoft Activation Scripts (MAS) tool was used to distribute malicious PowerShell scripts that infect Windows systems with the 'Cosmali Loader'.
A new ClickFix social engineering campaign is targeting the hospitality sector in Europe, using fake Windows Blue Screen of ...
If you use a Windows computer, it's time to update it yet again — before hackers get to you with the latest Windows malware threat. Phemedrone is an open-source malware that targets web browsers and ...
Certain cybercriminal groups like ransomware gangs, botnet operators, and financial fraud scammers get specific attention for their attacks and operations. But the larger ecosystem that underlies ...
The operators of the "Gootkit" malware loader (otherwise known as "Gootloader") have started a new search engine optimization (SEO) poisoning campaign targeting Australian healthcare organizations.
A new cyberattack campaign has been found to be using MSIX — a Windows application packaging format — to infect Windows PCs and evade detection by dropping a stealthy malware loader into its victim’s ...