Mark Collier briefed me on two updates under embargo at KubeCon Europe 2026 last month: Helion, which opens up GPU kernel ...

DPRK-linked actors use GitHub C2 and LNK phishing in South Korea, enabling persistent PowerShell control and data ...

If you're paying for software features you're not even using, consider scripting them.

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...

A newly documented BlankGrabber infection chain is using a bogus “certificate” loader to disguise a multi-stage Windows compromise, adding another layer of deception to a commodity stealer already ...

ThreatsDay Bulletin covers stealthy attack trends, evolving phishing tactics, supply chain risks, and how familiar tools are ...

Learn the five core elements shaping intelligent automation in 2026, from orchestration and event-driven data flows to ...

Instead of the usual phishing email or fake download page, attackers are using Google Forms to kick off the infection chain. The attack typically begins when a victim downloads a business-themed ZIP ...

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

Florida incentivizes hunters to eliminate invasive Burmese pythons through programs offering cash rewards. The invasive snakes, numbering in the tens of thousands, disrupt the Everglades ecosystem by ...

A rare Unicode character, the right-to-left override (RTLO), can make executable files appear as harmless Word or image documents. This trick is increasingly used in malware campaigns, highlighting ...