North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Shanon is an open source AI pentester built on the Claude SDK; runs cost about $60 in API credits, with CI/CD support; ...

A convincing lookalike of the popular Huorong Security antivirus has been used to deliver ValleyRAT, a sophisticated Remote Access Trojan (RAT) built on the Winos4.0 framework, to users who believed ...

ClickFix Campaign Abuses Compromised Sites to Deploy MIMICRAT Malware | Read more hacking news on The Hacker News cybersecurity news website and learn how to protect against cyberattacks and software ...

Self-hosted agents execute code with durable credentials and process untrusted input. This creates dual supply chain risk, ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

A multi-stage malware loader known as OysterLoader has continued to evolve into early 2026, refining its command-and-control (C2) infrastructure and obfuscation methods.

TAIZHOU, ZHEJIANG, CHINA, January 19, 2026 /EINPresswire.com/ — Top Injection Moulds and Products Manufacturer: Aoxu Mould’s Strategic Process Optimization ...

The latest headlines from our reporters across the US sent straight to your inbox each weekday Your briefing on the latest headlines from across the US A mother has been arrested after allegedly ...