Hackers have a new tool called ClickFix. The new attack vector combines fake human-verification prompts with malware, trying to trick users into running Terminal commands that bypass macOS security.

APT28 deploys BEARDSHELL and COVENANT since April 2024 targeting Ukrainian military, enabling cloud-based espionage and persistent surveillance.

A campaign by Russian-speaking cyberattackers hijacks workflows to deliver security-busting malware, allowing attackers to steal data without detection.

ESET researchers document how the Sednit APT group has reemerged with a modern toolkit centered on two paired implants – BeardShell and Covenant.

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation framework for long-term espionage operations.

ESET researchers have traced the reactivation of Sednit’s advanced implant team to a 2024 case in Ukraine, where a keylogger named SlimAgent was deployed.During that operation, BeardShell, a second ...

As enterprises increasing depend on cloud services, living off the land has evolved into living off the cloud.

Want to see what your PC is really doing behind the scenes? This Windows tool shows everything.

Clickfix attacks surged 500% in early 2025. Cybercriminals now use AI in BEC scams. AI is making phishing harder to detect. Cybercriminals are shifting their techniques to focus on the human element, ...

Coverage claims without context are one of the most persistent sources of confusion in security tooling. This post breaks down four myths behind ATT&CK coverage claims and offers a more useful ...

The career Special Operations commander will take control of the nation’s largest spy agency and the military’s offensive ...