ClickFix uses fake CAPTCHAs and a signed Microsoft App-V script to deploy Amatera stealer on enterprise Windows systems.

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated scripts to evade detection.

The modular Windows RAT uses in-memory execution and live operator control to maintain persistence and exfiltrate sensitive ...

A new malicious campaign mixes the ClickFix method with fake CAPTCHA and a signed Microsoft Application Virtualization (App-V ...

Not all applications are created with remote execution in mind. PowerShell provides several ways to invoke applications on ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

Hackers are targeting developers by exploiting the critical vulnerability CVE-2025-11953 in the Metro server for React Native ...

Threat actors are exploiting the Metro4Shell React Native vulnerability to deploy malware on Linux and Windows systems.

ESET researchers discover an Android spyware campaign targeting users in Pakistan via romance scam tactics, revealing links to a broader spy operation.

Too slow react-ion time Baddies are exploiting a critical bug in React Native's Metro development server to deliver malware ...

How modern infostealers target macOS systems, leverage Python‑based stealers, and abuse trusted platforms and utilities to distribute credential‑stealing payloads.

Learn how to design and build your own interactive menus inside your PowerShell scripts. This will help non-PowerShell users easily navigate and use them.