A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Illegally downloading the latest Oscar contender might feel like beating the system. But when the malware kicks in, as Morpheus once said, “Welcome to the real world.” Lurking in the shadows lies a ...

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...

Storm-2561 uses SEO poisoning to push fake VPN downloads that install signed trojans and steal VPN credentials. Active since 2025, Storm-2561 mimics trusted brands and abuses legitimate services. This ...

You can plug in your phone, download an emulator, or install the Google Play Store to access Android apps on your computer. Some tinkering may be required.

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...

Sudo in Windows is a godsend.

Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Microsoft has warned that attackers are abusing OAuth redirects to deliver phishing and malware via Entra ID and Google Workspace logins.

In recently spotted attacks, the crooks would send phishing emails to government and public sector organizations, usually ...