Attackers exploit FortiGate vulnerabilities to steal LDAP credentials and breach networks, enabling AD access and malware deployment.

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

Emily Long is a freelance writer based in Salt Lake City. After graduating from Duke University, she spent several years reporting on the federal workforce for Government Executive, a publication of ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.

Throughout early 2026, SentinelOne’s Digital Forensics & Incident Response (DFIR) team has responded to several incidents where FortiGate Next-Generation Firewall (NGFW) appliances have been ...

The latest example is detailed by researchers at Aryaka, who this week described a campaign by an unnamed threat actor who is distributing resumés containing a malicious ISO file to HR departments. It ...

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

Malicious Chrome extensions tied to ownership transfers push malware and steal data, exposing thousands to credential theft and system compromise.

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a component dubbed BlackSanta that can shut down antivirus and EDR ...

Sudo in Windows is a godsend.