A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Microsoft details a new ClickFix variant abusing DNS nslookup commands to stage malware, enabling stealthy payload delivery ...

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated scripts to evade detection.

Ransomware attackers targeting a Fortune 100 company in the finance sector used a new malware strain, dubbed PDFSider, to deliver malicious payloads on Windows systems. The attackers employed social ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V) script to ultimately deliver the Amatera infostealing malware. The ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to ...

Now that Windows 10 has reached the end of support, it's increasingly appealing to cybercriminals. While upgrading is ...

Fake antivirus app TrustBastion uses Hugging Face to deliver Android malware that captures screenshots, steals PINs and shows fake login screens, according to Bitdefender.

Now that Windows 10 is no longer supported, it's become a more attractive target for hackers. That doesn't mean you need to upgrade right away—here's how to stay protected.

A threat actor with a sophisticated variant of the ClickFix attack is tricking users into installing malware on their systems. Unlike typical ClickFix scams that use fake security alerts or CAPTCHAs ...