From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
A new malicious framework called OkoBot is delivering more than 20 payloads in attacks focused on stealing cryptocurrency ...
The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
From a rushed ShareFile shutdown to poisoned npm packages and AI assistants tricked into installing malware, here's every ...
In Operation Muck and Load, over 200 GitHub repositories serve a Go module that leads to Windows malware infections.
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
The FBI has warned Americans about a growing cyber threat that uses fraudulent websites and fake login pages to steal money, passwords and personal information. In a new public advisory, the agency ...
Most PowerShell module repositories start the same way: a few scripts, some manual testing, and CI/CD added later—often inconsistently. This template flips that model. PSScriptModule is opinionated by ...
These tools are designed for educational purposes and security research only. Use them responsibly and only on accounts you own or have explicit permission to test.