A new Linux GoGra backdoor abuses Outlook via Microsoft Graph API for stealthy C2, targeting telecom, government, and IT sectors.

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

IntroductionOn March 12, 2026, Zscaler ThreatLabz discovered a malicious ZIP archive containing military-themed document lures targeting Chinese-speaking individuals. Our analysis of this sample ...

A growing range of native macOS features are being repurposed by attackers to execute code, move laterally and evade ...

I found the easiest way to encrypt files on an Android phone - and it's free to do ...

A relatively new ransomware family is using a novel approach to hype the strength of the encryption used to scramble ...

A U.S. soldier involved in the military operation to capture Venezuelan President Nicolas Maduro has been charged with using ...

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.

A security researcher published details of three security vulnerabilities in Windows Defender, and the code used to exploit ...

With growing focus on the existential threat quantum computing poses to some of the most crucial and widely used forms of ...

The problem is structural and as long as bridges depend on complex systems with shared infrastructure and hidden trust ...

A new Kyber ransomware operation is targeting Windows systems and VMware ESXi endpoints in recent attacks, with one variant ...