The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...

Active malware exploits DLL side-loading in a signed GitKraken binary to deliver trojans, stealers, and remote access malware ...

安全专家披露了一项活跃的恶意软件攻击活动，攻击者利用开源c-ares库中合法二进制文件的DLL侧加载漏洞，绕过安全控制并传播多种商业木马和窃取程序。攻击者将恶意libcares-2.dll与合法的已签名ahost.exe配对执行代码，绕过传统签名防护 ...

The ability to write parts of SQL queries in natural language will help developers speed up their work, analysts say.

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...

New WhatsApp Web attack spreads self-propagating ZIP files containing Astaroth banking malware through trusted conversations.

Officials of Ukraine's Defense Forces were targeted in a charity-themed campaign between October and December 2025 that ...

【本文由小黑盒作者@周铁男是我于01月17日发布，转载请标明出处！】 今天看到火绒团队发的《银狐后门：Python库压缩包篡改与Chrome伪装攻击分析》后，感觉这里用到了一种很新奇的方法，于是我做了复现，顺便分享给大家共同学习 ...

Django 6.0 has arrived, offering developers cutting-edge features like a built-in tasks framework, enhanced security with ...

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...

Google launched the Universal Commerce Protocol (UCP), an open standard enabling AI-driven shopping agents to complete tasks ...