North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...
In December 2025, Zscaler ThreatLabz discovered a campaign linked to APT37 (also known as ScarCruft, Ruby Sleet, and Velvet Chollima), which is a DPRK-backed threat group. In this campaign ...
Aeternum C2, a native C++ botnet loader, operates on smart contracts on the Polygon blockchain, increasing its resilience.
M-code is more resistant to jamming, and its encryption makes it more difficult to spoof, a kind of attack that makes ...
North Korean hackers are deploying newly uncovered tools to move data between internet-connected and air-gapped systems, spread via removable drives, and conduct covert surveillance.
The same technologies that enable State forces to monitor and strike insurgent camps are now being mirrored by non-State ...
Signals from trade data and market behavior suggest that European buyers are already testing this proposition. Public reporting based on customs statistics indicates Taiwan’s drone exports to Europe ...
The conversation about Mexican drug cartels tends to focus on personalities — the kingpins, the feuds, the escapes. But the real story of how drugs move from a cartel lab to an American street corner ...
Here is a practical look at common ransomware attacks, how they operate, and how organizations can defend against them.
Q-FlexiViT is evaluated on standard intrusion-detection datasets containing multiple attack types and normal traffic. Using ...