Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns.

It's free and open-source.

CrashFix crashes browsers to coerce users into executing commands that deploy a Python RAT, abusing finger.exe and portable Python to evade detection and persist on high‑value systems.

Resolve AI, a startup developing an autonomous site reliability engineer (SRE), a tool that automatically maintains software systems, has raised a Series A led by Lightspeed Venture Partners, ...

Editor's take: Microsoft is doubling down on its plan to turn Windows 11 into an "agentic AI" platform, and in the process seems determined to strip away the last bits of user agency left in the OS.

Microsoft says Windows PowerShell now warns when running scripts that use the Invoke-WebRequest cmdlet to download web content, aiming to prevent potentially risky code from executing. As Microsoft ...

The threat actor known as TA558 has been attributed to a fresh set of attacks delivering various remote access trojans (RATs) like Venom RAT to breach hotels in Brazil and Spanish-speaking markets.

The August 2025 (KB5063878) Windows update caused an issue that prevented non-admin users from carrying out several vital operations due to misbehaving UAC prompts. Microsoft has since released its ...

Cybersecurity researchers have discovered a new malvertising campaign that's designed to infect victims with a multi-stage malware framework called PS1Bot. "PS1Bot features a modular design, with ...