A likely AI-generated PowerShell script mapped Active Directory after an attacker gained RDP access to a Windows Server with ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
A threat actor has been caught using AI-generated malware in a real network intrusion, deploying a PowerShell script that an ...
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Researchers found attackers using fake CAPTCHA pages. Users should never run PowerShell or Windows commands requested by ...
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
Prinz Eugen ransomware targets recently modified files first and skips ransom notes, exposing backup, EDR, and incident response gaps for IT teams.