New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian-speaking threat actor targeted human resource (HR) departments with malware that delivers a new EDR killer named BlackSanta.

Termite ransomware breaches linked to ClickFix CastleRAT attacks

Ransomware threat actors tracked as Velvet Tempest are using the ClickFix technique and legitimate Windows utilities to deploy the DonutLoader malware and the CastleRAT backdoor.
The Hacker News

Dust Specter Targets Iraqi Officials with New SPLITDROP and GHOSTFORM Malware

Iran-linked Dust Specter targeted Iraqi officials using fake ministry lures and new malware families uncovered by Zscaler.
The Hacker News

APT41-Linked Silver Dragon Targets Governments Using Cobalt Strike and Google Drive C2

Researchers link Silver Dragon APT to APT41 after attacks on government entities using Cobalt Strike, DNS tunneling, and ...
Security Boulevard

APT37 Adds New Capabilities for Air-Gapped Networks

IntroductionIn December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Security Boulevard

Dust Specter APT Targets Government Officials in Iraq

IntroductionIn January 2026, Zscaler ThreatLabz observed activity by a suspected Iran-nexus threat actor targeting government officials in Iraq. ThreatLabz discovered previously undocumented malware ...
SecurityWeek

‘BlackSanta’ Malware Activates EDR and AV Killer Before Detonating Payload

The malware disables antivirus and EDR protections at the kernel level, clearing the path for credential harvesting, system reconnaissance, and eventual data exfiltration. An ongoing campaign, ...
Channel Buzz

ESET’s Tony Anscombe on the cybersecurity trends MSPs can’t ignore in 2026

Tony Anscombe, chief security evangelist at ESET, returns to the podcast for a wide-ranging conversation about the cybersecurity landscape in early 2026. From the emergence of AI-powered malware to ...
TechRepublic

Fake Claude Code Spreads Malware to Windows, macOS Users

Threat actors are exploiting a common developer habit — copying installation commands directly from websites — to distribute malware through fake software installation pages. Security researchers at ...
TechRepublic

Fake CAPTCHA Scam Tricks Windows Users Into Installing Malware

A new social engineering campaign is abusing fake CAPTCHA verification pages to trick Windows users into launching StealC information-stealing malware. The attack relies on compromised websites that ...
PC World

Facebook ads for Windows 11 deliver malware

PCWorld reports that malicious Facebook ads are distributing malware disguised as legitimate Windows 11 upgrades, mimicking official Microsoft download pages. The sophisticated malware employs ...
PCMag

Free vs. Paid Antivirus: Is Paying for Protection Really Worth It?

Free antivirus apps can protect your PC from common threats—but paid software often adds stronger defenses, extra tools, and peace of mind. I'm here to walk you through the differences.