PowerShell can do far more than most users realize. Explore 10 hidden capabilities that save time, improve reporting, and ...

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...

随着端点检测与响应（EDR）技术及反病毒软件的日益成熟，传统依赖于可执行文件（.exe, ...

AI is helping cybercriminals to rapidly assemble malware with flat-pack efficiency. It’s almost like buying a sofa from Ikea, ...

Threat actors are now abusing DNS queries as part of ClickFix social engineering attacks to deliver malware, making this the first known use of DNS as a channel in these campaigns. ClickFix attacks ...

OAuth redirection is being repurposed as a phishing delivery path. Trusted authentication flows are weaponized to move users ...

Signed malware backed by a stolen EV certificate deployed legitimate RMM tools to gain persistent access inside enterprise ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal ...

A sophisticated Python-based malware deployment uncovered during a fraud investigation has revealed a layered attack involving obfuscation, disposable infrastructure and commercial offensive tools.

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...

Amazon is warning that a Russian-speaking hacker used multiple generative AI services as part of a campaign that breached more than 600 FortiGate firewalls across 55 countries in five weeks.

Alibaba unveiled Qwen3.5, an open-weight, 397-billion-parameter mixture-of-experts model that only wakes up 17 billion neurons per prompt. The payoff? You get 60% lower inference ...