On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

Trusted host lists can help keep PowerShell remoting working in mixed domain and workgroup environments, but only if admins avoid overwriting existing WinRM settings.

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

BlackByte is a ransomware strain operated under the Ransomware-as-a-Service (RaaS) model that emerged in July 2021. Early versions of the ransomware were developed in C#, while later iterations were ...

Malware campaigns targeting Latin America (LATAM) are evolving. While the final payloads, often commodity RATs like XWorm, remain consistent, delivery mechanisms are becoming increasingly ...

GoExec is a new take on some of the methods used to gain remote execution on Windows devices. GoExec implements a number of largely unrealized execution methods and provides significant OPSEC ...

This is Part 2 of our two-part technical analysis on the Gopher Strike and Sheet Attack campaigns. For details on the Gopher Strike campaign, go to Part 1.IntroductionIn September 2025, Zscaler ...

About time: Microsoft introduced support for the RC4 stream cipher in Windows 2000 as the default authentication algorithm for the Active Directory services. The system has been insecure for even ...

Microsoft is killing off an obsolete and vulnerable encryption cipher that Windows has supported by default for 26 years following more than a decade of devastating hacks that exploited it and ...

Update as of 2/4/2026: Details on the Windows Update rollout strategy added. As organizations face an evolving threat landscape, strengthening Windows authentication is more critical than ever. The ...

ESET researchers have identified new MuddyWater activity primarily targeting organizations in Israel, with one confirmed target in Egypt. MuddyWater, also referred to as Mango Sandstorm or TA450, is ...