New analysis shows the campaign, which uses compromised WordPress sites, may be linked to the ransomware and extortion group Vice Society.

Freeze is a payload creation tool used for circumventing EDR security controls to execute shellcode in a stealthy manner. Freeze utilizes multiple techniques to not only remove Userland EDR hooks, but ...

Abstract: Developing a remote exploit is not easy. It requires a comprehensive understanding of a vulnerability and delicate techniques to bypass defense mechanisms. As a result, attackers may prefer ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...

A China-linked threat actor known as Lotus Blossom has been attributed with medium confidence to the recently discovered compromise of the infrastructure hosting Notepad++. The attack enabled the ...

IntroductionIn May 2025, Zscaler ThreatLabz discovered CVE-2025-50165, a critical remote code execution (RCE) vulnerability with a CVSS score of 9.8 that impacts the Windows Graphics Component. The ...

In this blogpost, ESET researchers provide an analysis of Spellbinder, a lateral movement tool for performing adversary-in-the-middle attacks, used by the China-aligned threat actor that we have named ...

Malware authors looking to evade analysis are turning to less popular programming languages like Delphi or Haskell. Computer scientists affiliated with the University of Piraeus and Athena Research ...

For most websites, the homepage represents your brand’s first interaction with your audience on your website. As the catch-all landing page where people will be sent by default, your homepage needs to ...

ESET researchers discovered a previously unknown vulnerability in Mozilla products, exploited in the wild by Russia-aligned group RomCom. This is at least the second time that RomCom has been caught ...