Securonix uncovers the Veil#Drop malware framework, which abuses compromised websites and Google Blogspot to deploy the PureLog information stealer.
PureLogs Stealer uses fake PDF JavaScript files and Google's Blogger pages in the VEIL#DROP campaign, enabling fileless ...
Securonix says PureLogs infection starts with a fake PDF JavaScript file and uses PowerShell, fileless .NET loading, and LOLBins.
A fileless malware framework has been abusing Google's Blogspot platform to deliver the PureLog Stealer entirely in memory, letting attackers steal credentials while leaving few traces on disk.
Separate but similar campaigns described by Microsoft and Trend Micro use malicious zip files to spread malware via social ...
Gamaredon hacking group escalated its decade-long espionage campaign against Ukraine in 2025, exploiting a weaponized WinRAR ...
Prinz Eugen ransomware targets recently modified files first and skips ransom notes, exposing backup, EDR, and incident ...
On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...
Microsoft says hotel phishing emails are using Calendly links and photo ZIP files to drop the TonRAT Node.js implant on front ...
ESET Research analyzes Gamaredon’s new toolset and the group’s growing reliance on legitimate online services to hide its C&C ...
Throughout 2025, the Russia-aligned Gamaredon threat group exclusively targeted governmental and military institutions in Ukraine. Gamaredon operators developed and deployed six new malicious ...
Event Viewer is powerful but it's full of noise ...