The attack vector is available for rent at scale, and evades AV and EDR, leaving YARA analysis as the best detection option.
description: The following analytic detects the execution of PowerShell scripts containing Base64 encoded content, specifically identifying the use of `FromBase64String`. It leverages PowerShell ...
The Windows Settings Personalization tab contains just a small fraction of the customization options available in Windows 11.
description: The following analytic identifies modifications to registry keys commonly used for persistence mechanisms. It leverages data from endpoint detection sources like Sysmon or Carbon Black, ...
Anthropic accuses Alibaba of using 25,000 fake accounts to scrape Claude AI The alleged campaign generated 28.8 million queries in a large-scale model-extraction effort to replicate AI capabilities.
ConsentFix and ClickFix attacks steal Microsoft 365 tokens in seconds using fake prompts and OAuth flows. Learn how these MFA ...
June 19, 2026 update: Microsoft assesses with high confidence that this activity is attributable to Sapphire Sleet, a North Korean state actor that primarily targets the financial sector. The ...
GigaWiper is a destructive backdoor that combines multiple wiping and ransomware-like capabilities into a single operational ...
I am always looking for ways to automate my PC. Be it a text expander like aText or a clipboard manager like Ditto, I run a few automation apps on all my PCs. One of my most used automation apps, ...
A French-speaking attacker broke into a small French automotive business, planted a keylogger, and stole banking and email credentials. Ordinary stuff, until one move near the end. Before his ...