The Chinese cyber-espionage collective Dragon Breath, also recognized by the designation APT-Q-27, has purportedly acquired a formidable new instrument for infiltrating corporate infrastructures. According to a report by Ransom-ISAC, investigators identified a vulnerable driver,...
A novel method for gaining complete control over a Windows system has surfaced, and remarkably, it eschews complex kernel vulnerabilities in favor of exploiting the erratic behavior of the integrated antivirus suite. A researcher operating...
In the waning days of February 2026, cyber adversaries launched a new campaign characterized by an unorthodox stratagem: the dissemination of malicious Windows artifacts via the ubiquitous channels of WhatsApp. The calculus was elegantly...
Artificial intelligence extensions have seamlessly woven themselves into the fabric of everyday browser utility. Multitudes of users routinely summon the sidebar, interrogating chatbots and injecting proprietary corporate documents or intricate code snippets into the...
An email imploring the recipient to “sign a document” or “authenticate an account” may not invariably lead to a fabricated domain, but rather to an entirely legitimate Microsoft or Google address. It is...
The Microsoft Defender threat intelligence team has documented a series of substantiated offensives targeting internet-facing SolarWinds Web Help Desk instances. Adversaries weaponized these vulnerable help desk servers as a primary point of ingress, subsequently...
Microsoft has disclosed a sophisticated sequence of multi-stage incursions leveraging Adversary-in-the-Middle (AiTM) session hijacking in tandem with Business Email Compromise (BEC) methodologies. The offensive specifically targeted entities within the energy sector, with adversaries weaponizing...
Cyber-espionage attributed to the Chinese group HoneyMyte—also known as Mustang Panda and Bronze President—has reached a new level. Researchers have observed the deployment of an advanced version of the ToneShell malware, concealed by a...
A new commodity has surfaced on underground forums for those seeking to operate more quietly—and for longer. An actor using the alias AlphaGhoul has begun promoting a utility called NtKiller, which, according to its...
Expanding Microsoft Teams’ capabilities for working with external users brings not only convenience, but also new vulnerabilities. The Ontinue team has detailed a technique that exploits the peculiarities of guest access to bypass Microsoft...
Experts at Microsoft Threat Intelligence have documented an attack in which adversaries, for the first time, employed artificial intelligence to disguise phishing code, with the aim of stealing corporate credentials from U.S.-based companies. The...
Unknown threat actors have begun disseminating a counterfeit version of the SonicWall application, designed to steal credentials used to access VPNs. The campaign was uncovered by experts at SonicWall and Microsoft, who detected attempts...