From Ransomware to Residency: Inside the Rise of the Digital Parasite

Are ransomware and encryption still the defining signals of modern cyberattacks, or has the industry been too fixated on noise while missing a more dangerous shift happening quietly all around them? According to Picus Labs’ new Red Report 2026, which analyzed over 1.1 million malicious files and...

RedTeam-Tactics-and-Techniques

It is an offensive tool for Windows. The repository contains a script that appears to be a Windows shell extension, likely used for red teaming or penetration testing. The script is written in a format compatible with the Windows Taskbar and Shell. The script is designed to toggle the desktop,...

Russian APT28 Deploys “NotDoor” Backdoor Through Microsoft Outlook

APT28 hackers deploy NotDoor backdoor via Microsoft Outlook macros, using OneDrive sideloading to steal data and evade detection...

Years Long Linux Cryptominer Spotted Using Legit Sites to Spread Malware

Cryptominer campaign runs for years using legit sites to spread malware, targeting Linux systems through known bugs and avoiding detection...

AI-Assisted Fake GitHub Repositories Fuel SmartLoader and LummaStealer Distribution

In this blog entry, we uncovered a campaign that uses fake GitHub repositories to distribute SmartLoader, which is then used to deliver Lumma Stealer and other malicious payloads. The campaign leverages GitHub’s trusted reputation to evade detection, using AI-generated content to make fake...

Defending Against APTs: A Learning Exercise with Kimsuky

The “evolving threat landscape” is a term we often hear within webinars and presentations taking place across the cybersecurity industry. Such a catch-all term is intended to capture the litany of threat groups and their evolving tactics, but in many ways it fails to truly acknowledge the growth ...

BlueNoroff Unleashes New macOS Malware ObjCShellz

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary A new macOS malware variant linked to the financially motivated BlueNoroff APT group, named "ObjCShellz,“ featuring remote shell capabilities and suspicious domain communication. The malware, written in...

LOLKEK Ransomware Evolving New Tactics to Evade Detection

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary LOLKEK ransomware is still being actively developed and uses new tactics to evade detection, including obfuscation, legitimate tools, and network shares. It encrypts all drives, including network shares,...

Vidar Malware Using New Tactics to Evade Detection and Anonymize Activities

The threat actors behind the Vidar malware have made changes to their backend infrastructure, indicating attempts to retool and conceal their online trail in response to public disclosures about their modus operandi. "Vidar threat actors continue to rotate their backend IP infrastructure, favorin...

Uncovering the Threat of BlueBravo with GraphicalNeutrino and BEATDROP

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary GraphicalNeutrino and BEATDROP are malicious software used by the Russian-linked threat group BlueBravo in targeted cyber attacks, using legitimate Western services for command-and-control communications...

Visa warns of Baka JavaScript skimmer capable of evading detection

By Deeba Ahmed The JavaScript skimmer evades detection from static malware scanners using dynamic loading. This is a post from HackRead.com Read the original post: Visa warns of Baka JavaScript skimmer capable of evading detection...

venom

This is a Metasploit framework module for generating shellcode and compiling it into an executable file. The module, named "venom," is designed to produce shellcode in various formats C, Python, Ruby, DLL, MSI, HTA-PSH and inject it into a template e.g., Python that executes the shellcode in RAM...

New SystemBC malware targets Windows PCs by evading detection

By Sudais While finding and removing malware on your computer system may indeed be a joyous moment, there's a new malware out there that will give you a headache instead. To know why, a dive through is needed into SystemBC, a malware written in C++ that has been discovered by researchers at...

Moker RAT Bypassing Security Measures, Evading Detection

Researchers warned Tuesday the latest APT to make the rounds features a remote access Trojan that can effectively mitigate security measures on machines and grant the attacker full access to the system. Experts with the Israeli cyber security start-up enSilo discovered the RAT – which they refer ...

APT Group Embeds C&C Data on TechNet Pages

The so-called Deputy Dog APT group has surfaced again with a means of keeping its command and control servers under wraps that involves Microsoft’s TechNet online resources. New research published last week by Microsoft and FireEye revealed targeted attacks against organizations have been...

Malware Flea Market Pays Hackers to Hijack PCs

Among a slew of online cybercrime forums, Pay-Per-Install.org stands out as a malware flea market where shadowy pushers of Trojan downloaders and tools for evading detection are bargaining with thousands of would-be “affiliates” willing to compromise victims’ computers globally and get paid for i...