Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Security Boulevard

Emulating the Mutative BlackByte Ransomware

AttackIQ has released a new attack graph that emulates the behaviors exhibited by BlackByte ransomware, a strain operated ...
The Hacker News

UnsolicitedBooker Targets Central Asian Telecoms With LuciDoor and MarsSnake Backdoors

UnsolicitedBooker targets Central Asian telecoms with LuciDoor and MarsSnake, while PseudoSticky and Cloud Atlas hit Russia.
The Hacker News

Malicious NuGet Packages Stole ASP.NET Data; npm Package Dropped Malware

Four rogue NuGet packages and one npm package stole ASP.NET Identity data, deployed C2 backdoors, and reached over 50,000 ...
Infosecurity Magazine

Fraud Investigation Reveals Sophisticated Python Malware

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack ...
TechPP on MSN

Windows Sandbox: Safely Install and Test Unknown Windows Applications

Use Windows Sandbox to safely install and test unknown apps in an isolated environment. Protect your PC from malware and risky software without affecting your system.
Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
Techlicious

Hackers Are Using Fake Invitations to Take Over Your PC

Hackers are hijacking email accounts and sending fake invites that install remote access tools. Even your antivirus may not ...

Fake Next.js job interview tests backdoor developer's devices

The Microsoft Defender team has discovered a coordinated campaign targeting software developers through malicious repositories posing as legitimate Next.js projects and technical assessment materials, ...