A single misconfigured server has exposed the complete toolkit of an active a three-actor phishing ecosystem. According to ...
AI Now’s Friendly Fire PoC shows Claude Code and Codex running README-planted payloads on hosts when autonomous command ...
An indicator is a claim, not a fact — and the advisory covering your own network is the one you can least afford to accept ...
As threat actors operationalize AI to accelerate attacks, they are also leveraging the wider global interest around AI itself as a social engineering lure. In recent months, Microsoft Threat ...
A threat actor is using an AI-built ransomware attack toolkit that automates Active Directory discovery and helps evade endpoint detection and response (EDR) solutions. Tool and payload development ...
Threat actors likely associated with the Democratic People's Republic of Korea (DPRK) have been observed using GitHub as command-and-control (C2) infrastructure in multi-stage attacks targeting ...
IntroductionOn March 1, 2026, ThreatLabz observed new activity from a China-nexus threat actor targeting countries in the Persian Gulf region. The activity took place within the first 24 hours of the ...
Two newly uncovered malware campaigns are exploiting open-source software across Windows and Linux environments to target enterprise executives and cloud systems, signaling a sharp escalation in both ...
An investigation into what appeared at first glance to be a “standard” Python-based infostealer campaign took an interesting turn when it was discovered to culminate in the deployment of a ...
Microsoft security researchers analyze suspicious files to determine if they are threats, unwanted applications, or normal files. Submit files you think are malware or files that you believe have been ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results