Security tooling is not written in a single language. Python powers most automation. C sits at the exploit layer. PowerShell ...
A feature-rich DLL injection library which supports x86, WOW64 and x64 injections. Developed by Broihon for Guided Hacking. It features five injection methods, six shellcode execution methods and ...
The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was. Palo Alto Networks has shared some information on the exploitation of the recently ...
Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat. Cybercriminals are combining compromised websites ...
Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks. Microsoft Teams impersonation and social ...
IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more. A new social engineering campaign is abusing ...
Threat hunters have disclosed details of a new, stealthy malware campaign dubbed DEAD#VAX that employs a mix of "disciplined tradecraft and clever abuse of legitimate system features" to bypass ...
Security researchers at Point Wild have disclosed a new Windows malware campaign that uses a multi-stage infection chain to establish persistent, memory-resident access on compromised systems and ...
Abstract: Return-oriented programming (ROP) is a code-reuse attack that uses borrowed chunks of executable code for arbitrary computation. On Windows, ROP is often used solely to bypass Data Execution ...
In this blogpost, ESET researchers provide an analysis of Spellbinder, a lateral movement tool for performing adversary-in-the-middle attacks, used by the China-aligned threat actor that we have named ...
Microsoft Threat Intelligence has identified a limited attack campaign leveraging publicly available ASP.NET machine keys to conduct ViewState code injection attacks. The attacks, first observed late ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results