All the nation-state hackers are vibe coding. Vibeware won't win any coding awards. It's not pretty. It doesn't target any ...

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...

North Korean hacking group APT37 was seen deploying new implants, backdoors, and other tools in attacks targeting air-gapped ...

SloppyLemming targeted Pakistan and Bangladesh with BurrowShell, a Rust keylogger, and 112 Cloudflare Workers domains in 2025 ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

China linked APT41 hackers deploy Silver Dragon campaign targeting organizations with malware and espionage tactics.

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0 framework, to users who believed ...

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

The entrypoint of the shellcode looks like this. Of course, this can be changed for your need. First we need to initialize needed libraries and functions by using our custom written GetModuleHandle ...

The shellcode needs to be processed using scripts/main.py (the default shellcode is calc). Executing the py file generates three files (in, sh, shellcode.bin). Place these three files in the assets ...