ClickFix attacks are delivering BabaDeda, Lorem Ipsum, and Potemkin loaders to deploy stealers, RATs, and ransomware-linked ...

IntroductionIn March 2026, Zscaler ThreatLabz observed multiple instances of typosquatting domains hosting malicious content generated with AI-powered website creation tools. Threat actors are ...

Woodgnat, an IAB for Qilin, Interlock, Rhysida, Akira, 8Base, and Black Basta ransomware, is using Mistic RAT in new attacks.

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

A wave of phishing emails sent to Booking.com partner accommodations in Japan in May led to blockchain-hosted malware ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

The malware program has been deployed across multiple sectors since April, helping to provide initial access sold to ransomware gangs.

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

Long-running initial access service provider SocGholish, tied to Russian cybercrime stalwart Evil Corp, has been disrupted by ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Microsoft warns of CryptoBandits.A, a Tor-based Windows clipper stealing wallet data and hijacking crypto transfers.

Mapping detections and controls to MITRE ATT&CK: a practical guide for technical teams MITRE ATT&CK is useful because it gives technical teams a common language for describing adversary behaviour. For ...