Antivirus TechnologiesCybersecurityIncidentsLummaMalwareMalware descriptionsMalware TechnologiesOnline GamesSecurity technologyshellcodeTrojan-stealerWeb threatsWindows malware
The game is over: when “free” comes at too high a price. What we know about RenEngine
We often describe cases of malware...
CobaltStrikeCybersecurityDLL sideloadingGReAT researchIncidentsMalwareMalware descriptionsMalware TechnologiesshellcodeSupply-chain attackWindows malware
The Notepad++ supply chain attack — unnoticed execution chains and new IoCs
Introduction On February 2, 2026, the...
Supply chain attack on eScan antivirus: detecting and remediating malicious updates
On January 20, a supply chain...
Smashing Security podcast #452: The dark web’s worst assassins, and Pegasus in the dock
In episode 452, a London-based YouTuber...
Beware! Fake ChatGPT browser extensions are stealing your login credentials
If you’ve installed a browser extension...
APTAPT (Targeted attacks)APT reportsBackdoorBrowserCybersecurityFirefoxGoogle ChromeGReAT researchHoneyMyteInfostealersMalwareMalware descriptionsMalware TechnologiesMicrosoft EdgeTargeted attacksTrojan-stealer
HoneyMyte updates CoolClient and deploys multiple stealers in recent campaigns
Over the past few years, we’ve...
APTAPT (Targeted attacks)APT reportsBackdoorCybersecurityGReAT researchHoneyMyteMalwareMalware descriptionsRootkitsTargeted attacks
The HoneyMyte APT evolves with a kernel-mode rootkit and a ToneShell backdoor
Overview of the attacks In mid-2025,...
APTAPT (Targeted attacks)APT reportsCybersecurityDefense evasionDNS manipulationencryptionEvasive PandaGReAT researchMalwareMalware descriptionsMalware TechnologiesshellcodeTargeted attacksWindows malware
Evasive Panda APT poisons DNS requests to deliver MgBot
Introduction The Evasive Panda APT group...
BackdoorCybersecurityGitHubMalwareMalware descriptionsTrojanVulnerabilities and exploitsWebratWindows malware
From cheats to exploits: Webrat spreading via GitHub
In early 2025, security researchers uncovered...