North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Microsoft has implemented and continues to deploy mitigations against prompt injection attacks in Copilot, the company announced last week. Spammers were using the "Summarize with AI" type of buttons ...

The module targets Claude Code, Claude Desktop, Cursor, Microsoft Visual Studio Code (VS Code) Continue, and Windsurf. It also harvests API keys for nine large language models (LLM) providers: ...

OpenAI launches Lockdown Mode and Elevated Risk warnings to protect ChatGPT against prompt-injection attacks and reduce data-exfiltration risks.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Security researchers at Point Wild have disclosed a new Windows malware campaign that uses a multi-stage infection chain to establish persistent, memory-resident access on compromised systems and ...

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...

Researchers from MIT, Northeastern University, and Meta recently released a paper suggesting that large language models (LLMs) similar to those that power ChatGPT may sometimes prioritize sentence ...

Cybercriminals have rapidly pivoted to a new evasion technique following Microsoft’s recent crackdown on malicious email attachments. Just weeks after Outlook began blocking inline Scalable Vector ...