malware 27

• Adversarial Oracles: LLM-Guided EDR Signature Reduction May 28, 2026
• Visual Studio Extensions Revisited May 28, 2026
• Module Stomping PIC May 26, 2026
• Intelligence Insights: May 2026 May 26, 2026
• RemotePE: The Lazarus RAT that lives in memory May 22, 2026
• Shai-Hulud Is Back, and This Time It Ate the Whole Ecosystem May 21, 2026
• Tracking TamperedChef Clusters via Certificate and Code Reuse May 20, 2026
• From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat May 19, 2026
• SHub Reaper | macOS Stealer Spoofs Apple, Google, and Microsoft in a Single Attack Chain May 18, 2026
• Gremlin Stealer's Evolved Tactics: Hiding in Plain Sight With Resource Files May 15, 2026
• Backdoored node-ipc npm releases steal developer credentials through DNS queries May 14, 2026
• Backdoored Cemu release linked to TanStack and Mistral supply chain campaign May 14, 2026
• Flash Alert: EtherRat and TukTuk C2 End in The Gentleman Ransomware May 11, 2026
• UAT-8302 and its box full of malware May 5, 2026
• CloudZ RAT potentially steals OTP messages using Pheno plugin May 5, 2026
• The Good, the Bad and the Ugly in Cybersecurity – Week 18 May 1, 2026
• Fracturing Software Security With Frontier AI Models Apr 21, 2026
• The Good, the Bad and the Ugly in Cybersecurity – Week 16 Apr 18, 2026
• PowMix botnet targets Czech workforce Apr 17, 2026
• The n8n n8mare: How threat actors are misusing AI workflow automation Apr 15, 2026
• Securing the Software Supply Chain: How SentinelOne’s AI EDR Autonomously Blocked the CPU-Z Watering Hole Cyber Attack Apr 15, 2026
• JitterDropper Apr 14, 2026
• Crystal Mask Apr 10, 2026
• New Lua-based malware “LucidRook” observed in targeted attacks against Taiwanese organizations Apr 9, 2026
• Using KServe to deploy malicious models Apr 8, 2026
• Model Confusion - Weaponizing ML models for red teams and bounty hunters Apr 8, 2026
• Adversaries sometimes compute gradients. Other times, they rob you. Apr 8, 2026