A banking trojan seen before in Brazil was observed again in a campaign aimed at Spain and Portugal, with delivery built around an MSI downloader and execution paths that can hide in trusted Windows activity.
A newly identified .NET implant shows how espionage tooling can borrow the look and feel of normal desktop apps while keeping remote tasking quietly alive.
A reported Deno-based RAT using WebSocket command-and-control highlights how legitimate runtimes and edge infrastructure can be repurposed into a quieter operator channel.
Tax-branded phishing emails are being used to deliver in-memory malware on Windows, a tactic that shifts detection away from saved files and toward what happens after a user opens the attachment.
Researchers are warning that adaptive AI worms could blur the line between self-spreading code and autonomous decision-making, forcing defenders to rethink how identity, access, and propagation are controlled.
A long-running malware line tied to Secret Blizzard now appears to be moving toward a more modular design, raising the cost of detection and disruption for defenders.
Microsoft’s disruption of Fox Tempest points to a quieter threat than encryption itself: criminals gaming the software trust layer that makes malicious code look legitimate.
In a post-quantum security context, polymorphic malware adds another layer of defensive complexity, pushing defenders to look beyond cryptographic theory and into implementation, identity, and operational control.
As AI-driven cybercrime escalates, the security world scrambles to build new lines of defense before attackers rewrite the rules again.
A cunning ZIP file trick lets malware masquerade as harmless data, evading detection and raising alarms across the cybersecurity world.
A new proof-of-concept exposes alarming blind spots in Windows security, allowing malware to vanish in plain sight by forging call stacks.