This simple script tamed my Downloads folder.

BlackSanta is a malware module that kills EDR and AV at the kernel level prior to unleashing the malware’s final purpose.

ClickFix campaigns spread MacSync macOS infostealer via malicious Terminal commands since Nov 2025, targeting AI tool users ...

New ClickFix variant maps WebDAV drive to run trojanized WorkFlowy app, enabling stealth C2 beacon and payload delivery.

A handful of scripts can eliminate a lot of work.

"Living Off the Land" attacks use built-in tools and processes instead of traditional malware.

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

The state-sponsored hackers deployed custom tools and stayed dormant in the compromised environments for months.

A fake $TEMU crypto airdrop uses the ClickFix trick to make victims run malware themselves and quietly installs a remote-access backdoor.

The malware is described as an 'EDR killer', stopping security solutions and suppressing notifications.

The Russian state-sponsored APT28 threat group is using a custom variant of the open-source Covenant post-exploitation ...

Those aren't toys. Malware used in a sophisticated spear-phishing and infostealing campaign by Russian bad actors includes a component dubbed BlackSanta that can shut down antivirus and EDR ...