New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks. Microsoft Teams impersonation and social ...

IntroductionThreat actors often take advantage of major global events to fuel interest in their malicious activities. Zscaler ThreatLabz is diligently tracking a surge in cybercriminal activity that ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Do you know about “What Is Buffer Overflow?” If not, then you are at the right place. Here, we will talk about Buffer Overflow uses and impacts, and how you can defend yourself against such attacks ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the ...

Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell. Computer scientists affiliated with the University of Piraeus and Athena Research ...

One of the oldest and most critical flaws in software security is buffer overflows. The second most exploited vulnerability in 2023 was a heap buffer overflow. It has made innumerable attacks possible ...

Abstract: An important method to detect intrusion is to identify attack codes such as shellcode. However, the popular simulation methods seriously slow down the efficiency, while static detection ...