GitHub

ZYPE: Your Payload Encryptor

In the following example, I will use MSFvenom to generate a Windows shellcode to execute calc.exe and use ZYPE to do the IPv6 obfuscation. Let's first generate the shellcode. This will generate the ...
Dark Reading

Packer-as-a-Service Shanya Hides Ransomware, Kills EDR

You may be familiar with ransomware-as-a-service (RaaS), but now there's also packer-as-a-service. Security vendor Sophos on Dec. 6 published research on "Shanya," a packer-as-a-service family that ...
Gizmochina

Updated ClickFix malware impersonates Windows update to steal your passwords, browser cookies, banking logins

A sneaky new strain of the ClickFix malware is making the rounds, and it’s going after the easiest victim of all: anyone who trusts a Windows update prompt. Security researchers at Huntress say the ...
InfoWorld

North Korea’s ‘Job Test’ trap upgrades to JSON malware dropboxes

North Korea-linked Contagious Interview campaign is now luring developers with trojanized coding tasks and pulling obfuscated payloads from public JSON-storage services like JSON Keeper, JSONSilo, and ...
The Hacker News

GootLoader Is Back, Using a New Font Trick to Hide Malware on WordPress Sites

The malware known as GootLoader has resurfaced yet again after a brief spike in activity earlier this March, according to new findings from Huntress. The cybersecurity company said it observed three ...
Infosecurity-magazine.com

AI-Enabled Malware Now Actively Deployed, Says Google

Google has discovered a new breed of AI-powered malware that uses large language models (LLMs) during execution to dynamically generate malicious scripts and evade detection. A Google Threat ...
adtmag.com

Mojang Studios to Remove Code Obfuscation from Minecraft Java Edition

Mojang Studios announced Tuesday it will eliminate code obfuscation in Minecraft: Java Edition, marking a significant shift in how the company distributes the game to its modding community. The change ...
PC World

LockBit ransomware returns with a vengeance, affecting multiple OSes

The cybercriminal group known as LockBit has released an improved 5.0 version of its ransomware (LockBit 5.0), which is “significantly more dangerous,” warns Trend Micro. The malware now attacks ...
CSOonline

XWorm campaign shows a shift toward fileless malware and in-memory evasion tactics

In a newly disclosed multi-stage threat campaign, attackers were seen skipping disk and leaning on in-memory tricks to deliver the XWorm remote access trojan (RAT). According to Forcepoint Labs’ ...
Gizmodo

Brave VPN Review: Is It Any Good in 2025?

Best VPN for 2025: Our Top 10 Favorite VPN Services Brave VPN Review: Is It Any Good in 2025? Brave VPN has been around for a while, so it’s interesting to see if it has undergone coveted improvements ...
InfoWorld

QR codes become the vehicle for malware in new technique

A newly-discovered malicious package with layers of obfuscation is disguised as a utility library, with malware essentially hiding in plain sight in embedded QR codes. QR codes are ubiquitous these ...