PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...

AI is helping cybercriminals to rapidly assemble malware with flat-pack efficiency. It’s almost like buying a sofa from Ikea, ...

随着端点检测与响应（EDR）技术及反病毒软件的日益成熟，传统依赖于可执行文件（.exe, ...

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

Alibaba unveiled Qwen3.5, an open-weight, 397-billion-parameter mixture-of-experts model that only wakes up 17 billion neurons per prompt. The payoff? You get 60% lower inference ...