A new strain of malware uses Word files with macros to download a PowerShell script from GitHub. This PowerShell script further downloads a legitimate image file from the image hosting service Imgur to ...
Attackers looking to steal employee credentials from organizations tied to the industrial sector deployed highly targeted operations that delivered malicious PowerShell scripts in images. The ...
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
Latest attack by TA547 showed signs of large language model involvement in the creation of a PowerShell script used to deploy malware. A recent attack that targeted organizations in Germany deployed a ...
Click, and boom, your network is compromised. All a hacker needs is one successful exploit and you could have a very bad day. Recently we uncovered one artifact that we would like to break down and ...
A recently discovered malware builder sold on the dark web, Quantum Builder, is being used in a new campaign featuring fresh tactics to deliver the Agent Tesla .NET-based keylogger and remote access ...
A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...
Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...