Cybersecurity researchers at Kaspersky’s Global Research and Analysis Team (GReAT) have spotlighted a highly evolved banking Trojan.
Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...
ESET researchers dive deeper into the EDR killer ecosystem, disclosing how attackers abuse vulnerable drivers.
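The arrival of the mobile internet era has thoroughly reshaped how financial services are delivered. Cryptocurrency wallets are the core entry point to decentralized finance (DeFi), and their security directly determines whether users' assets survive. Yet the security boundary of mobile operating systems faces unprecedented challenges. Traditional phishing attacks mostly rely on social engineering to induce users to actively disclose credentials, while the new ...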
Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.
Introduction: On March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...
Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy ...
Hackers abused Microsoft Teams and Quick Assist to deploy A0Backdoor malware at financial and healthcare organizations, researchers warn.
Hackers contacted employees at financial and healthcare organizations over Microsoft Teams to trick them into granting remote ...
至顶头条 on MSN
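Multi-stage VOID#GEIST malware delivers XWorm, AsyncRAT and Xeno RAT
Cybersecurity researchers have disclosed a multi-stage malware campaign that uses batch scripts as its delivery path to drop encrypted remote access trojan payloads such as XWorm, AsyncRAT and Xeno RAT. The attack chain, named VOID#GEIST, uses an obfuscated batch script to deploy a second-stage script, plant a legitimate Python runtime, and decrypt encrypted shellcode. Modern malware is increasingly shifting to complex script-based delivery frameworks that mimic legitimate user activity to evade detection.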
In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...