With a recent Windows 11 update, Microsoft is removing some popular apps and some power users won't be happy about it.

Attackers are abusing legitimate remote access tools and lightweight scripts to deliver AsyncRAT entirely in memory, ...

AsyncRAT exploits ConnectWise ScreenConnect via fileless loader, stealing credentials and crypto data, maintaining ...

Analysis of the malware and tools used in an intrusion links a threat actor to three different ransomware-as-a-service (RaaS) ...

GPUGate malware uses Google Ads and fake GitHub commits to steal data from IT firms since Dec 2024, bypassing sandboxes and GPU-lacking systems.

IntroductionAPT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima) is a North Korean-aligned threat actor active since at least 2012. APT37 primarily targets South Korean individuals ...

Cisco Talos found that abuse of remote services and remote access software are the most prevalent ‘pre-ransomware’ tactics ...

Here, you'll learn how to check which users are logged in on Windows Server with simple commands and tools for local and ...

A team of data thieves has doubled down by developing its CastleRAT malware in both Python and C variants. Both versions ...

Interlock ransomwareIssued by Arctic Wolf NetworksJohannesburg, 01 Sep 2025 Arctic Wolf examines Interlock’s most common attack methods and provides tips on how to protect your organisation. A ...

With the latest Windows Patch Day, Microsoft has closed another chapter in the history of its operating system. PowerShell 2.0, which was already classified as an outdated command line environment, is ...