Background In March 2025, cybersecurity researchers disclosed a highly sophisticated targeted attack campaign named “Operation ForumTroll.” Orchestrated by an unidentified state-sponsored APT group, ...

A fake CAPTCHA scam is tricking Windows users into running PowerShell commands that install StealC malware and steal passwords, crypto wallets, and more.

Chinese hackers compromised Notepad++ updates for six months, deploying a backdoor to selectively target users in government ...

DEAD#VAX campaign delivers AsyncRAT via IPFS-hosted VHD phishing files, using fileless memory injection and obfuscated scripts to evade detection.

Cybersecurity investigators have identified a new cyberattack campaign connected to the Russia-linked hacking group APT28, ...

Security researchers have attributed the Notepad++ update hijacking to a Chinese government-linked espionage crew called ...

Abstract: A NOP (no-operation) sled is used as part of binary exploitation code to provide flexibility for exploitation accuracy and evade signatures before and after the exploitation has occurred and ...

Abstract: Return-oriented programming (ROP) is a code-reuse attack that uses borrowed chunks of executable code for arbitrary computation. On Windows, ROP is often used solely to bypass Data Execution ...

Shellcode is a specially designed, position-independent binary code that is typically used as a payload in exploits to perform specific operations, such as spawning a shell or gaining control over a ...

BLACK HAT ASIA – Singapore – Windows fibers, little-known components of Windows OS, represent a largely undocumented code-execution pathway that exists exclusively in user mode — and is therefore ...