Initial access hackers switch to Tsundere Bot for ransomware attacks

A prolific initial access broker tracked as TA584 has been observed using the Tsundere Bot alongside XWorm remote access ...
Cybernews

North Korea is turning open-source projects into malware traps

North Korea is doubling down on a familiar playbook by weaponizing trust in open-source software and developer workflows. The ...
The Hacker News

China-Linked Hackers Have Used the PeckBirdy JavaScript C2 Framework Since 2023

Experts details PeckBirdy, a JavaScript C2 framework used since 2023 by China-aligned attackers to spread malware via fake ...
CSO Online

AI-powered polymorphic attack lures victims to phishing webpages

A new breed of malware uses various dynamic techniques to avoid detection and create customized phishing webpages.

Hackers are using LLMs to build the next generation of phishing attacks - here's what to look out for

A victim would be phished to visit a seemingly benign webpage. It contains no visible malicious code, but once loaded, it ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
GitHub

ZYRA: Your Runtime Armor ️

ZYRA is a Zig-based obfuscator, packer, and loader designed to protect executable files from static analysis and reverse engineering. Written in Zig for performance and control 👌 Easy to install with ...