A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
StegoAd Microsoft Edge extensions malware affected up to 2.6 million users after the company removed 119 add-ons that hid ...
A new Magecart campaign is using Stripe's API infrastructure to host the credit card-stealing payload and the data exfiltrated from checkout pages. The entire malicious activity relies on Google Tag ...
A fresh wave of phishing emails is exploiting a blind spot in enterprise email security tools — one that most organizations have not closed — by disguising executable JavaScript inside SVG image files ...
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
CyberChef is a simple, intuitive web app for carrying out all manner of "cyber" operations within a web browser. These operations include simple encoding like XOR and Base64, more complex encryption ...
Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
Learn how websites detect VPNs through IP reputation, DNS leaks, WebRTC, and browser fingerprints—and seven practical ways to reduce tracking.
IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...